ai-presentation-deck

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides scripts/run.py, a utility for interacting with the AI Skills API. This script is a legitimate part of the skill's execution flow.\n- [EXTERNAL_DOWNLOADS]: The runner script initiates network connections to the official vendor domain ai-skills.ai. These operations are required for the skill to function and are conducted over secure HTTPS connections.\n- [DATA_EXFILTRATION]: Authentication credentials are provided by the user via environment variables and are transmitted securely in HTTP headers to the official API endpoint, following industry best practices.\n- [PROMPT_INJECTION]: The skill is designed to process external inputs such as URLs and file contents. This constitutes an indirect prompt injection surface where untrusted data could attempt to manipulate the agent, though this is necessary for the stated purpose of analyzing presentation materials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-presentation-deck