storytelling-expert
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely text-based and instructional. It contains no executable scripts, shell commands, or network requests. Its functionality is limited to processing user input through the language model's internal logic.
- [SAFE]: No sensitive file paths, hardcoded credentials, or data exfiltration patterns were detected. All instructions focus on formatting and narrative structure.
- [PROMPT_INJECTION]: The skill processes user-provided text to apply storytelling frameworks. As with any skill that ingests untrusted data, there is a theoretical surface for indirect prompt injection where a user could try to influence the agent's behavior through the content being rewritten. However, the skill has no dangerous capabilities (like file writing or network access) to exploit, making the risk negligible.
- Ingestion points: User-provided text in prompts like 'improve this story: [context]'.
- Boundary markers: Not explicitly defined in instructions.
- Capability inventory: Limited to text generation; no subprocess, network, or file-write capabilities.
- Sanitization: Standard LLM output filtering applies.
Audit Metadata