story-deslop

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill's instructions and reference files are consistent with its stated purpose of creative writing and text polishing. It provides legitimate linguistic guidelines for 'de-slopping' AI-generated content.
  • [COMMAND_EXECUTION]: The skill mentions using the Unix command wc -m or Python as a means to verify character counts before and after text modification. These are standard local operations for the intended task and do not pose an external threat.
  • [PROMPT_INJECTION]: The skill operates on user-submitted text and uses this data to generate diagnostic reports and prompts for sub-agents (narrative-writer). While this represents a potential surface for indirect prompt injection where malicious text could influence the sub-agent, the risk is minimal given the specialized nature of the task and the lack of high-privilege capabilities.
      • Ingestion points: User-provided novel text (SKILL.md).
      • Boundary markers: No explicit delimiters are used when passing diagnostic results into sub-agent prompts.
      • Capability inventory: Sub-agent spawning via tool calls and local character count utilities.
      • Sanitization: The skill does not implement specific sanitization for the input text, relying on the model's inherent guardrails.
  • [EXTERNAL_DOWNLOADS]: The skill references a GitHub repository in its metadata (github.com/worldwonderer/oh-story-claudecode), which belongs to the skill's author and is considered a vendor resource. No active downloads via curl or wget are performed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 08:36 AM