Nova
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a roleplay character implementation with standard tool permissions (
web_search,read_file_full,write_file_full) intended for its described purpose. - [PROMPT_INJECTION]: Instructions include roleplay constraints (e.g., 'Stay in character', 'Output ONLY spoken dialogue'). These are standard for persona-based skills and do not attempt to bypass core AI safety filters or extract system prompts.
- [REMOTE_CODE_EXECUTION]: The included Python script
scripts/security_lookup.pyis a static helper for formatting dialogue. It contains no network operations, subprocess calls, or dynamic execution (eval/exec) patterns. - [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file path access, or network requests to external domains were found. The script processes local string inputs for roleplay purposes only.
- [COMMAND_EXECUTION]: The skill does not attempt to execute system commands or perform privilege escalation.
Audit Metadata