scriptwriter-skill
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns such as data exfiltration, remote code execution, or obfuscation were found in the provided files. The skill operates within a restricted local environment using standard file system tools for its intended creative purpose.
- [COMMAND_EXECUTION]: The skill utilizes the
lscommand to list files in thescript/directory. This is a standard operation used to track episode history and ensure narrative consistency and is correctly scoped to the script-related path. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it reads existing files from the
script/directory to maintain continuity. This is a core functional requirement for the skill's purpose. - Ingestion points: Reads existing script files from the
script/folder as instructed in SKILL.md. - Boundary markers: None explicitly defined in GUIDELINES.md or SKILL.md to distinguish between instructions and data.
- Capability inventory: Authorized tools include Read, Write, and Bash (ls) as defined in SKILL.md frontmatter.
- Sanitization: No specific sanitization or filtering of ingested content is mentioned in the provided documentation.
Audit Metadata