business-storyteller
Warn
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a shell script 'scripts/export_pdf.sh' that searches for and executes external browser binaries such as Chrome, Chromium, Brave, or Edge in headless mode on the host system to perform PDF conversions.
- [COMMAND_EXECUTION]: The skill executes a local Python script 'scripts/make_chart.py' using the system's Python interpreter to generate SVG chart files based on extracted technical data.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes untrusted technical artifacts like specifications and pull requests.
  - Ingestion points: technical documents provided by the user (as described in SKILL.md).
  - Boundary markers: the instructions lack specific delimiters or 'ignore' instructions for the processed content.
  - Capability inventory: the agent has access to local shell execution and browser invocation via provided scripts.
  - Sanitization: no explicit logic is defined to sanitize or validate input data before it influences document templates or chart generation.
Audit Metadata