plot-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override AI safety filters or system prompts. The instructions are focused on orchestrating a story plotting workflow.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials (API keys, tokens, or passwords) were detected. The skill does not perform any network operations to external domains.
- [Remote Code Execution] (SAFE): No evidence of downloading and executing remote scripts or packages. No use of eval(), exec(), or subprocess calls on untrusted input.
- [Privilege Escalation] (SAFE): The skill does not use administrative commands (sudo, chmod) or attempt to modify system configuration files.
- [Indirect Prompt Injection] (LOW): The skill processes user-provided story outlines and text. While this is a data ingestion surface, the skill does not possess high-risk capabilities (like internet access) that could be exploited via malicious text embedded in a story.
- Ingestion points: User input (story text or outlines).
- Boundary markers: None explicitly defined in the provided markdown.
- Capability inventory: Uses 'Read' and 'Write' tools for local file operations.
- Sanitization: None specified for input story text.
Audit Metadata