frontend-slides

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes platform-specific shell commands (open, xdg-open, start) to launch the generated HTML presentations in the user's browser.
  • [EXTERNAL_DOWNLOADS]: The skill encourages the installation of the python-pptx library via python3 for file conversion and fetches web fonts from Google Fonts and Fontshare.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external PowerPoint files and user notes without explicit sanitization or boundary markers.
      • Ingestion points: The skill reads content from .ppt and .pptx files during conversion and accepts raw text/notes from the user for slide generation.
      • Boundary markers: Absent. There are no instructions provided to the agent to treat external content as data only or to ignore embedded commands.
      • Capability inventory: The agent utilizes python3 for data extraction and system-level shell commands to interact with the file system and browser.
      • Sanitization: Absent. No validation or filtering is performed on the data ingested from external presentation files before it is processed by the AI.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 01:46 AM