Skills
skills/honestman9527/novel-studio/ns-brainstorm/Gen Agent Trust Hub

ns-brainstorm

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of ingesting untrusted user input and persisting it to the local filesystem. This could allow maliciously crafted input to influence downstream agent activities that consume the generated project metadata.
  • Ingestion points: User-provided novel ideas, themes, and character descriptions (SKILL.md).
  • Boundary markers: Absent; the instructions do not define specific delimiters or guardrails to isolate user input from the resulting YAML structures.
  • Capability inventory: The skill instructs the agent to write data to 'novel-studio/plan.yaml', 'novel-studio/memory.yaml', and 'novel-studio/continuity.yaml' (SKILL.md).
  • Sanitization: Absent; the skill lacks explicit validation or escaping logic for the content written to the filesystem.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 06:47 AM