story-generator
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
mkdir -pcommand to create directory structures for organizing generated stories within thedocs/stories/path. This behavior is consistent with the skill's primary function of managing content for an MkDocs textbook. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes user-provided inputs, such as scientist names and themes, to generate narratives and file system paths.
- Ingestion points: User requests specifying the scientist's name, historical period, and story themes enter the agent context via natural language interaction.
- Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the user-provided data.
- Capability inventory: The skill possesses the ability to create directories (
mkdir) and write markdown files to the local file system. - Sanitization: No explicit sanitization or validation logic is defined for the user-supplied strings before they are used in commands or file content.
Audit Metadata