StoryTime Interactive Fiction Engine

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a simple interactive fiction skill with only local story save/load behavior and no evidence of network access, credential use, or hidden execution.

This skill looks safe for normal interactive fiction use. Be aware that save/load functionality writes story data to a local JSON file, so avoid including sensitive information in custom stories if you do not want it stored.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your story progress and custom scenario content may be saved locally and reloaded later.

Why it was flagged

The skill stores story state and scenario data locally for save/load functionality. This is purpose-aligned, but any user-created scenario text or choices may persist in a local file.

Skill content

    this.saveFile = options.saveFile || './story-save.json';
    ...
    save() {
      fs.writeFileSync(this.saveFile, JSON.stringify({ state: this.state, scenario: this.scenario }, null, 2));
      return true;
    }

Recommendation

Avoid putting secrets or sensitive personal information into custom stories, and delete the local save file if you no longer want the data retained.