screenwriter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest untrusted user-provided story concepts and transform them into structured output. Ingestion points: User-supplied 'raw ideas' or 'story concepts' entering the agent context via the workflow described in SKILL.md. Boundary markers: The skill uses XML tags (e.g., ) to delimit structured output, which provides some structural separation. Capability inventory: No dangerous capabilities, such as subprocess execution, network operations, or file-system writing, were identified in the provided files. Sanitization: The instructions do not specify any sanitization, escaping, or explicit 'ignore embedded instructions' delimiters for the user-supplied input data.
- [Unverifiable Dependencies] (SAFE): The file
tests/test_scenarios.mdsuggests installingpytest. This is a standard, reputable testing framework and represents no significant security risk in this context.
Audit Metadata