storybook-setup
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill triggers project configuration via the
npx storybook ai setupcommand. This uses the official Storybook command-line utility to analyze the project and generate preview configurations. - [PROMPT_INJECTION]: The skill instructs the agent to "Follow the printed Markdown precisely" from the CLI output. This represents an indirect prompt injection surface where the agent is told to trust and execute instructions provided by an external tool's output. While this creates a dependency on the integrity of the CLI's output, it is a standard functional pattern for this vendor's AI-assisted setup workflow.
- Ingestion points: Output from the
storybook ai setupcommand. - Boundary markers: Absent; the agent is instructed to follow the output directly.
- Capability inventory: File system access and project configuration modifications required to follow the setup plan.
- Sanitization: None specified; the agent relies on the CLI's generated instructions.
Audit Metadata