markdown-to-storyboard
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
execute_codetool to run a Python script that writes the generated storyboard data to a local file namedstoryboard.csvusing the standardcsvlibrary. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted markdown content provided by the user to generate the storyboard structure.
- Ingestion points: The primary source of data is markdown text supplied by the user in Step 1 of the workflow.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands (like 'ignore previous instructions') are provided to the agent when it reads the source markdown.
- Capability inventory: The agent has the capability to write files to the local file system using Python (
execute_code). - Sanitization: The skill lacks explicit sanitization or validation logic to ensure that instructions embedded within the user-provided markdown do not influence the Python code generation template.
Audit Metadata