storybook-setup

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill triggers project configuration via the npx storybook ai setup command. This uses the official Storybook command-line utility to analyze the project and generate preview configurations.
  • [PROMPT_INJECTION]: The skill instructs the agent to "Follow the printed Markdown precisely" from the CLI output. This represents an indirect prompt injection surface where the agent is told to trust and execute instructions provided by an external tool's output. While this creates a dependency on the integrity of the CLI's output, it is a standard functional pattern for this vendor's AI-assisted setup workflow.
  • Ingestion points: Output from the storybook ai setup command.
  • Boundary markers: Absent; the agent is instructed to follow the output directly.
  • Capability inventory: File system access and project configuration modifications required to follow the setup plan.
  • Sanitization: None specified; the agent relies on the CLI's generated instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 03:15 PM
Security Audit — agent-trust-hub — storybook-setup