story-short-write

Warn

Audited by Gen Agent Trust Hub on May 22, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as python3 -c, wc -m, and wc -l to perform character and line counts on local files. These instructions include the interpolation of variable file paths into shell command strings, which presents a potential risk for command injection if the agent or environment does not properly sanitize the file names before execution.
  • [DATA_EXFILTRATION]: The skill is designed to read and write numerous files within the local project workspace, including story drafts (正文.md), outlines (小节大纲.md), and reference materials. While these operations are core to its functionality, the ability to read arbitrary files for 'character counting' or 'reference loading' could be used to expose sensitive local data if misdirected.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) as it is designed to ingest and process untrusted data from user-provided reference folders (对标/ and 拆文库/). These files are used to extract writing styles, plot nodes, and techniques, meaning adversarial instructions hidden within these reference materials could potentially influence the agent's behavior or sub-agent spawning logic.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 22, 2026, 08:55 AM
Security Audit — agent-trust-hub — story-short-write