story-init

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to organize local files for fiction writing. It does not perform network operations, access sensitive system files, or execute external code. No malicious patterns or security risks were identified across all threat categories.- [INDIRECT_PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection as it interpolates untrusted user input (story synopsis, themes, etc.) directly into markdown files without explicit sanitization. While this could lead to the storage of malicious instructions in project files, the impact is minimal as the skill only performs file-write operations and does not interpret the content as executable code.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 11:58 PM
Security Audit — agent-trust-hub — story-init