story-coach
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates as intended for assistive coaching and does not contain instructions to bypass safety filters or perform unauthorized actions.- [SAFE]: Persistence Mechanism: The skill reads and writes session state to local markdown files (e.g., '.story-coach-output.md' and project-specific coaching files). These operations are restricted to the local project environment for the purpose of maintaining context across sessions and do not target sensitive system directories or credentials.- [PROMPT_INJECTION]: Indirect Prompt Injection Surface (Category 8 Analysis): The skill ingests user-provided story prose for coaching purposes. While it processes this untrusted data, its risk is negligible as its capabilities are restricted to conversational coaching and local file logging.
- Ingestion points: User-submitted fiction prose and feedback requests.
- Boundary markers: Absent; no specific delimiters are defined for user-provided text.
- Capability inventory: Local file system writes for session persistence; no network or subprocess capabilities.
- Sanitization: Absent; user-provided text is not sanitized before being logged to persistence files.
Audit Metadata