inkos-multi-agent-novel-writing
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill's instructions or implementation details.
- [EXTERNAL_DOWNLOADS]: The skill is distributed as a TypeScript CLI package via NPM (
@actalk/inkos), which is the primary distribution method for this tool. - [DATA_EXFILTRATION]: The system transmits text content to external LLM providers and AIGC detection services (e.g., GPTZero) to perform its core functions. It also supports user-configured webhooks for task notifications.
- [PROMPT_INJECTION]: The skill utilizes a multi-agent pipeline where the output of a writing agent is processed by an auditing agent. This creates a surface for indirect prompt injection where generated text might influence subsequent agent decisions.
- Ingestion points: Local files like
story/outline.md,style_guide.md, and the generated chapter content inchapters/ch*.md. - Boundary markers: The system uses structured JSON schemas for audit results and fixed genre-specific templates.
- Capability inventory: The agents can write to the local filesystem and make network requests to LLM APIs and webhooks.
- Sanitization: A deterministic post-write validator runs 11 rules to filter content before it reaches the audit stage.
Audit Metadata