world-code-start
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a state-tracking mechanism using the local filesystem. It checks for the existence of specific markdown files (e.g., voice.md, climax.md) within a 'world-code/' directory to determine user progress. This is standard functional behavior for a hub skill intended to manage complex workflows.
- [PROMPT_INJECTION]: An assessment of indirect prompt injection surfaces was performed. The skill reads and summarizes content from local files previously created by other sub-skills. While this creates an ingestion point for external data, the risk is considered low because the skill uses the information only for summarization and routing within its own controlled framework. Ingestion points: world-code/*.md files. Boundary markers: None explicitly present. Capability inventory: Internal skill invocation and file read access. Sanitization: The content is summarized to identify key ideas rather than being directly executed as instructions.
Audit Metadata