storyboard-builder
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks (Category 8) due to its core functionality of processing untrusted data from user-provided design documents.
- Ingestion points: User-provided design documents, content outlines, and SME notes accessed via the Read tool or text input.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore potential commands embedded in the user content.
- Capability inventory: The agent utilizes Read, Write, Edit, Grep, and Glob tools to analyze inputs and generate storyboard files based on templates.
- Sanitization: No validation or sanitization is performed on the input content before it is interpolated into the storyboard creation process.
- [NO_CODE]: The skill package is composed entirely of Markdown documentation and templates; no Python scripts, Node.js packages, or other executable files are included.
Audit Metadata