story-deslop
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's instructions and reference files are consistent with its stated purpose of creative writing and text polishing. It provides legitimate linguistic guidelines for 'de-slopping' AI-generated content.
- [COMMAND_EXECUTION]: The skill mentions using the Unix command
wc -mor Python as a means to verify character counts before and after text modification. These are standard local operations for the intended task and do not pose an external threat. - [PROMPT_INJECTION]: The skill operates on user-submitted text and uses this data to generate diagnostic reports and prompts for sub-agents (
narrative-writer). While this represents a potential surface for indirect prompt injection where malicious text could influence the sub-agent, the risk is minimal given the specialized nature of the task and the lack of high-privilege capabilities. - Ingestion points: User-provided novel text (SKILL.md).
- Boundary markers: No explicit delimiters are used when passing diagnostic results into sub-agent prompts.
- Capability inventory: Sub-agent spawning via tool calls and local character count utilities.
- Sanitization: The skill does not implement specific sanitization for the input text, relying on the model's inherent guardrails.
- [EXTERNAL_DOWNLOADS]: The skill references a GitHub repository in its metadata (
github.com/worldwonderer/oh-story-claudecode), which belongs to the skill's author and is considered a vendor resource. No active downloads viacurlorwgetare performed.
Audit Metadata