story-summarizer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user-provided story text. While it lacks high-risk capabilities like code execution or network writes, there is a theoretical surface for indirect prompt injection if the input text contains malicious instructions. However, the current scope is limited to summarization and reading, which poses negligible risk to the system.
- Ingestion points: The '故事文本' (Story Text) input field provided by users.
- Boundary markers: None specified for the input text.
- Capability inventory: Limited to the
Readtool. - Sanitization: None specified, but the output format is strictly structured, reducing the likelihood of instruction leakage.
- [Command Execution] (SAFE): No shell commands, subprocess calls, or system-level operations are present in the skill files.
- [Data Exfiltration] (SAFE): No network operations or sensitive file access patterns were detected. The skill only requests permission to read files provided by the user for summarization.
Audit Metadata