user-story-writing
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a shell script at
scripts/scaffold-tests.sh. While currently a placeholder for generating test file scaffolding, it establishes a capability for shell command execution within the agent's environment. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process user-provided requirement descriptions to generate structured stories.
- Ingestion points: User-provided feature requirements and descriptions processed by instructions in
SKILL.mdand templates inreferences/. - Boundary markers: The skill uses markdown structure (headers, templates), but does not implement specific delimiters or instructions to disregard embedded commands in the input data.
- Capability inventory: Includes shell script execution (
scripts/scaffold-tests.sh), Python logic execution (references/story-refinement-process.md), and JavaScript logic execution (references/story-splitting.md). - Sanitization: There is no evidence of input validation or sanitization before user-provided text is interpolated into the story generation or refinement process.
Audit Metadata