story-memory
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions focus entirely on creative writing project management, including fact extraction, context scoping, and issue tracking. No suspicious network operations, credential access, or obfuscated code were found.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data (user-written story chapters and character notes). While this creates a potential surface for indirect prompt injection if an attacker-controlled chapter contained malicious instructions, the skill's primary function is data organization within a local knowledge base (
kb/andwork/directories), which is consistent with its stated purpose. - Ingestion points: Processes written chapters, manuscript files, and conversation history via
resources/fact-extraction.mdandresources/story-context.md. - Boundary markers: The skill suggests scoping context tightly but does not explicitly mandate the use of XML tags or other boundary delimiters for the processed text.
- Capability inventory: Primarily filesystem write access to specific project directories (
kb/,work/,issues/). No high-privilege operations or network exfiltration capabilities were observed. - Sanitization: No explicit sanitization or filtering of input text is mentioned, which is common for creative writing tools where preservation of original prose is expected.
Audit Metadata