sumeru-finalize
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is focused on technical text validation and formatting. It correctly scopes its activities to reading manuscript chapters and writing formatted output to specific directories.
- [DATA_EXPOSURE]: The skill accesses the local
chapters/directory to read novel content and writes output topublish/and.sumeru/finalize/. This is standard behavior for an export and verification tool. - [INDIRECT_PROMPT_INJECTION]: Since the skill ingests and processes large amounts of untrusted text from novel files, it naturally has an attack surface for indirect prompt injection. However, this is inherent to its primary purpose.
- Ingestion points: Reads novel text from files in the
chapters/directory. - Boundary markers: Not explicitly specified in the instructions.
- Capability inventory: The skill has the ability to write files to the local file system (
publish/and.sumeru/finalize/). - Sanitization: No explicit sanitization or escaping of novel content is described in the logic.
Audit Metadata