Skills
skills/worldwonderer/oh-story-claudecode/story-review/Gen Agent Trust Hub

story-review

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes story content within sub-agent prompts, creating a surface for indirect prompt injection.
  • Ingestion points: Story text is interpolated into the {待审查内容} placeholder in SKILL.md (Phase 2).
  • Boundary markers: Lacks strong delimiters or specific instructions to ignore embedded commands within the analyzed story text.
  • Capability inventory: The main agent can read local files and spawn sub-agents; the consistency-checker and story-researcher can perform searches.
  • Sanitization: No filtering or validation is applied to the analyzed text before it is sent to sub-agents.
  • [COMMAND_EXECUTION]: The skill uses local repository tools to facilitate the review process.
  • Evidence: Employs git diff to determine the review scope and grep for scanning project files during consistency checks.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 06:27 AM