ns-illustration
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely locally by reading novel content and writing prompt files to the 'visuals/' and 'novel-studio/' directories. This behavior is consistent with its stated purpose of assisting authors with visual documentation.
- [SAFE]: No network operations, credential harvesting, or external code downloads were detected in the instructions or configuration files.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it ingests untrusted novel text (chapter content) without explicit boundary markers or sanitization. However, the risk is minimal as the agent's capabilities are limited to generating image prompts and writing to specific project-scoped files.
- Ingestion points: The skill reads the 'current chapter' text as a primary input for prompt generation (SKILL.md).
- Boundary markers: None present; the skill treats all text within the chapter section as content for analysis.
- Capability inventory: The skill is authorized to write to 'visuals/*.md' and 'novel-studio/art.yaml'.
- Sanitization: No sanitization of the input text is defined in the instructions.
Audit Metadata