storybook
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes user-supplied themes to generate story content and image prompts. \n
- Ingestion points: User-provided 'Theme' parameter defined in SKILL.md. \n
- Boundary markers: No explicit delimiters (e.g., XML tags or triple quotes) are used to isolate user input from the rest of the prompt instructions. \n
- Capability inventory: The skill utilizes the generate_image tool (Step 3) and performs file system writes for story.json, story.md, and image assets (Step 4) as described in references/output-format.md. \n
- Sanitization: There is no evidence of input validation or sanitization to prevent the user-provided theme from containing malicious instructions targeted at the agent or the image generation tool.
Audit Metadata