neta-travel
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses 'npx -y @talesofai/neta-skills' to download and run the vendor's package for campaign management.
- [COMMAND_EXECUTION]: The skill executes multiple shell commands to create, update, and retrieve story data through the @talesofai/neta-skills CLI tool.
- [PROMPT_INJECTION]: The 'mission_plot_attention' field is explicitly documented to contain rules that 'override all other context unconditionally,' which is a pattern used for instruction overriding.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface.
  - Ingestion points: External story content and behavioral rules are fetched from a remote database via 'request_travel_campaign' as described in references/travel-playing.md.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt templates that incorporate the fetched data.
  - Capability inventory: The skill can execute shell commands via 'npx' across several files.
  - Sanitization: There is no evidence of validation or sanitization for the content of the 'mission_plot_attention' field before it is used to direct agent behavior.
Audit Metadata