chapter-writing
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from multiple project files, creating a surface for indirect prompt injection.
- Ingestion points: The skill reads from
story.md,chapters/_index.md,plot/_index.md,plot/timeline.md, and files within theplot/arcs/,characters/, andlocations/directories. - Boundary markers: There are no specified boundary markers or instructions to ignore potential commands within the story files when they are loaded into the context.
- Capability inventory: The skill is capable of reading and writing Markdown files within the project structure. It does not possess capabilities for network communication, shell command execution, or dynamic code evaluation.
- Sanitization: The skill does not perform sanitization or validation of the content retrieved from the story files before use.
Audit Metadata