sdpm-spec
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a sandboxed
run_pythonMCP tool to perform calculations and manage project files within the deck directory. - [EXTERNAL_DOWNLOADS]: The skill allows fetching content from user-specified URLs using the
WebFetchtool to gather source material for the presentation. - [PROMPT_INJECTION]: The skill processes untrusted external data (URLs and documents), which introduces an indirect prompt injection surface. This risk is addressed via a structured workflow requiring explicit user validation at each design phase. Ingestion points: User-provided URLs and files; Boundary markers: Explicit approval checkpoints for briefing, outline, and art direction; Capability inventory: Python execution for file writing and PPTX generation; Sanitization: Use of
lint_and_sanitizewhen writing files.
Audit Metadata