sdpm-spec

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a sandboxed run_python MCP tool to perform calculations and manage project files within the deck directory.
  • [EXTERNAL_DOWNLOADS]: The skill allows fetching content from user-specified URLs using the WebFetch tool to gather source material for the presentation.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (URLs and documents), which introduces an indirect prompt injection surface. This risk is addressed via a structured workflow requiring explicit user validation at each design phase. Ingestion points: User-provided URLs and files; Boundary markers: Explicit approval checkpoints for briefing, outline, and art direction; Capability inventory: Python execution for file writing and PPTX generation; Sanitization: Use of lint_and_sanitize when writing files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:37 AM
Security Audit — agent-trust-hub — sdpm-spec