Skills
skills/lingfengqaq/webnovel-writer/webnovel-review/Gen Agent Trust Hub

webnovel-review

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to run local utility scripts (webnovel.py) for workflow management and data indexing.
  • Evidence: SKILL.md contains multiple bash commands executing python "${SCRIPTS_DIR}/webnovel.py" --project-root "${PROJECT_ROOT}" index save-review-metrics --data '@review_metrics.json'.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) because it processes user-controlled novel chapters while possessing significant tool capabilities like file editing and command execution.
  • Ingestion points: The novel chapter text processed by checker sub-agents and the .webnovel/state.json project configuration file.
  • Boundary markers: There are no explicit delimiters or instructions to the agents to ignore potential commands embedded within the chapters.
  • Capability inventory: The skill has access to powerful tools including Bash, Write, Edit, and Read.
  • Sanitization: Novel chapter content is not sanitized or validated for malicious instructions before being passed to sub-agents for review.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 12:01 PM