octocode-slides

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to download the uv package manager from astral.sh and utilizes various JavaScript libraries for charts, diagrams, and formatting from reputable CDNs such as jsdelivr.net and unpkg.com. These resources are integral to the skill's functionality for building slides and generating assets.
  • [REMOTE_CODE_EXECUTION]: The skill documentation includes an installation command for the uv utility that uses a shell pipe. This is a common practice for this specific, well-known developer tool and is intended for environment preparation for the image generation component.
  • [COMMAND_EXECUTION]: The agent executes local commands to run an image generation script and to serve the resulting presentation files. These operations are constrained to the skill's primary objective of presentation design and asset management.
  • [DATA_EXFILTRATION]: The skill uses an API key for image generation, providing clear instructions for secure management via environment variables. It processes project data and web content to populate slides, which is the core intended behavior for creating a presentation from a brief.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:44 AM
Security Audit — agent-trust-hub — octocode-slides