game-quest
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill's instructions or logic.
- [DATA_EXPOSURE]: The skill performs read and write operations on local project files located in the
docs/directory (e.g.,docs/world-lore.md,docs/quest-registry.md). These operations are consistent with the skill's stated purpose of managing game design documentation and do not involve sensitive system files, environment variables, or credentials. - [PROMPT_INJECTION]: No attempts to bypass safety filters or override agent behavior were found. The use of "Hard Constraints" is task-oriented, ensuring the agent follows the designated game design workflow and phases.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from external files (
docs/*.md) which could technically serve as an injection surface if the files are attacker-controlled. However, the skill treats this data as context for creative writing and registry management without executing code or performing sensitive network operations based on the content. - Ingestion points: Reads content from
docs/world-lore.md,docs/quest-registry.md, anddocs/mvp-first-draft.mdin Phase 0 and Phase 1. - Boundary markers: Absent.
- Capability inventory: File reading and appending (
docs/quest-registry.md). No network access or subprocess execution. - Sanitization: Absent.
- [REMOTE_CODE_EXECUTION]: The skill does not download external scripts, execute shell commands, or use dynamic code execution functions like eval.
Audit Metadata