storybook-testing
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the inclusion of `WebFetch` and `WebSearch` tools which allow the ingestion of untrusted external data.
  - Ingestion points: The `allowed-tools` section in `SKILL.md` includes `WebFetch` and `WebSearch`, enabling the agent to retrieve content from external websites.
  - Boundary markers: There are no explicit instructions or delimiters defined to separate untrusted external content from the agent's core instructions.
  - Capability inventory: The skill possesses filesystem access tools (`Read`, `Glob`, `Grep`) and network access tools (`WebFetch`, `WebSearch`). A malicious actor could potentially use indirect prompt injection via a fetched webpage to influence the agent's file operations.
  - Sanitization: The skill does not implement sanitization or validation of content retrieved from external sources before processing it.
- [EXTERNAL_DOWNLOADS]: The skill references various official Storybook and Chromatic dependencies and a GitHub Action. These are well-known services and organizations, and their use in this context is standard and safe.
Audit Metadata