story-setup
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill deploys utility shell scripts to the project's
.claude/hooks/directory. These scripts are registered in.claude/settings.local.jsonto execute during platform events like session start or compaction to manage project state. - Evidence: Utility scripts in
references/templates/hooks/are registered via the configuration inreferences/templates/settings-hooks.jsonto automate tasks such as context recovery and status reporting. - [EXTERNAL_DOWNLOADS]: The integrated researcher agent uses browser automation to search for and retrieve information from well-known search engines (Google, Bing) and external reference websites to assist with world-building and factual accuracy.
- Evidence: The research workflow described in
references/templates/agents/story-researcher.mdinvolves automated navigation to search engines. - [REMOTE_CODE_EXECUTION]: The researcher agent utilizes the
agent-browsertool to execute JavaScript snippets in a browser context for the purpose of DOM manipulation and data extraction from web search results. - Evidence: Use of the
agent-browser --cdp evalcommand inreferences/templates/agents/story-researcher.mdto extract link and text data from search results.
Audit Metadata