update-storybook-snapshots
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill instructs the agent to execute shell commands including pnpm, git, pkill, and lsof. It also directs the agent to execute a local repository script at ./scripts/update-storybook-snapshot.sh.
- EXTERNAL_DOWNLOADS (LOW): The troubleshooting section includes instructions to run 'pnpm i', which involves downloading external dependencies from the npm registry.
- PROMPT_INJECTION (LOW): (1) Ingestion points: The skill processes external content in the form of Storybook stories and UI components. (2) Boundary markers: None identified. (3) Capability inventory: Shell command execution via pnpm and file system modification via git. (4) Sanitization: None identified. (5) Risk: The skill is vulnerable to indirect prompt injection if malicious instructions are embedded within the stories or components being processed.
Audit Metadata