comedy-forge
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation suggests installation via
npx skill add https://github.com/Geeprox/ComedyForge, fetching content from the author's repository. This is a standard procedure for skill integration in supported environments. - [SAFE]: The skill implements a robust context isolation protocol using XML-style tags to separate the 'persona_creator' and 'persona_judge' contexts. This prevents internal configuration or sensitive persona data from leaking into evaluation prompts.
- [SAFE]: The distillation workflow (distillation-engine.md) enforces strict formatting and length limits on processed concepts and reasons. It explicitly forbids passing raw lines or hidden persona details to minimize the risk of indirect prompt injection.
- [SAFE]: All runtime operations are governed by a central configuration file (.comedy-forge/skill.mdc) that defines non-negotiable hard constraints, parameter ranges, and required protocol sequences to ensure consistent and safe execution.
Audit Metadata