neta-adventure
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute commands using the
@talesofai/neta-skillsCLI tool to create, update, and manage adventure campaigns. This includes passing user-provided strings as command-line arguments (e.g.,--name,--mission_plot).\n- [EXTERNAL_DOWNLOADS]: The skill usesnpx -y @talesofai/neta-skills@latestwhich involves downloading the package from the npm registry if it is not present in the local cache. As this package belongs to the skill's author, this is considered standard vendor functionality.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting untrusted user input (story seeds and concepts) and storing it in fields likemission_plot_attention, which the agent is instructed to follow as unconditional behavioral rules during play mode.\n - Ingestion points: User-provided narrative concepts and seed data entered during the 'Craft' workflow (SKILL.md, adventure-crafting.md).\n
- Boundary markers: Absent. There are no clear delimiters or instructions to the agent to ignore or neutralize potential commands embedded within the user's story data.\n
- Capability inventory: The agent can execute CLI tools via
npxand read/write mission data to a persistent database via the provided tools.\n - Sanitization: Absent. The skill does not define validation or escaping procedures for user-supplied text before it is used in command arguments or narrative instructions.
Audit Metadata