import-world-from-book

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/extract-world.ts programmatically executes the opencode command-line tool to perform automated data extraction using an AI agent.
  • [EXTERNAL_DOWNLOADS]: The skill uses standard Node.js libraries for EPUB parsing, terminal styling, and file system operations, as specified in its dependency manifest.
  • [SAFE]: The complex instructional prompts located in scripts/prompt.ts are designed to enforce structural consistency and data traceability (溯源) in the generated world folders, not to bypass safety guidelines.
  • [SAFE]: The skill's file operations are scoped to the user-provided workspace directory, and no evidence of unauthorized network activity or credential harvesting was found.
  • [SAFE]: The skill implements a structured workflow for processing untrusted data from book files, reducing the risk of unintended behavior during data ingestion.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 12:39 AM
Security Audit — agent-trust-hub — import-world-from-book