character-relationships
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface as it is designed to analyze external story text. An attacker could embed instructions within the story to influence the agent's behavior.
- Ingestion points: External story text provided for analysis (SKILL.md, Input Requirements section).
- Boundary markers: Absent. There are no defined delimiters or instructions for the agent to ignore embedded commands within the story text.
- Capability inventory: The skill is restricted to the 'Read' tool only (SKILL.md, YAML frontmatter). It lacks network access, file-writing, or code execution capabilities.
- Sanitization: Absent. The skill does not describe any sanitization or filtering of the input text.
- Risk Assessment: Due to the lack of side-effect capabilities, the risk is restricted to affecting the immediate analysis output or the agent's internal reasoning.
Audit Metadata