drama-evaluator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (INFO): The skill processes untrusted story scripts for evaluation, which presents an indirect prompt injection surface. The risk level is restricted to INFO because the skill has no tool access or executable logic to exploit. 1. Ingestion points: Story text inputs described in the evaluation workflow. 2. Boundary markers: Absent; there are no defined delimiters to isolate untrusted input from evaluation instructions. 3. Capability inventory: None; the YAML metadata explicitly defines 'allowed-tools: []' and no scripts are provided. 4. Sanitization: Absent.
- [NO_CODE] (SAFE): This skill consists entirely of markdown documentation and prompt templates. There are no executable files (Python, JS, etc.) or binary artifacts.
- [COMMAND_EXECUTION] (SAFE): Metadata configuration prevents the skill from accessing any command-line tools or external services.
Audit Metadata