story-long-scan

Warn

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute the agent-browser CLI tool using the --cdp flag to interface with a local Chrome instance.
  • [DATA_EXFILTRATION]: The skill explicitly directs the agent to access private user data (e.g., personal centers and favorites) by hijacking existing authenticated browser sessions on platforms like Qidian and Jinjiang.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
    1. Ingestion points: Scrapes rankings and book data from multiple external platforms via WebSearch and browser tools (SKILL.md).
    2. Boundary markers: Absent.
    3. Capability inventory: Performs trend analysis and generates structured reports.
    4. Sanitization: Absent.
Audit Metadata
  Risk Level: MEDIUM
  Analyzed: Apr 26, 2026, 02:34 AM