presentation-design
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill instructions do not contain any malicious patterns such as credential theft, privilege escalation, or persistence mechanisms. Tools are used according to their intended design-related purposes.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted user-provided content to generate design plans.
  - Ingestion points: User inputs for the deck's topic, audience, and slide text are extracted and used to build the plan in SKILL.md.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands in the processed user data.
  - Capability inventory: The skill uses the image_gen tool and writes to the local file system (presentations/ directory).
  - Sanitization: No sanitization or validation of the input strings is performed before processing.
  - Mitigation: The risk is mitigated by a mandatory human-in-the-loop checkpoint (Step 5), where the user must review and approve the deck plan before the agent proceeds with image generation.