story-review

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill provides methodologies for editorial review and a script for prose metrics calculation that follows best practices.
  • [COMMAND_EXECUTION]: Documentation in resources/prose-critique.md and resources/prose-critique/baseline.md provides examples for running the analyze.py script using shell commands (e.g., uv run). This is an intended feature for technical prose analysis and does not involve risky patterns such as piping remote scripts to a shell.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted markdown prose files, presenting a potential indirect prompt injection surface.
  • Ingestion points: Prose files in markdown format are processed by resources/prose-critique/analyze.py and reviewed by the agent as described in SKILL.md.
  • Boundary markers: None explicitly defined in the provided instruction files to separate user prose from system instructions.
  • Capability inventory: The skill scripts (analyze.py) use standard Python libraries for text processing and do not perform network operations, subprocess executions, or sensitive file writes.
  • Sanitization: The analyze.py script uses regular expressions to strip markdown formatting and frontmatter before analysis, which serves as a basic layer of data cleaning.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 05:03 AM
Security Audit — agent-trust-hub — story-review