make-deck
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill employs restricted shell commands via a whitelist (cp, mkdir, realpath, open) to manage directory structures and copy the deck_stage.js starter library. This is used exclusively for project setup and artifact management.
- [DYNAMIC_EXECUTION]: A programmatic 'overflow audit' is performed by executing a JavaScript snippet within the browser context via Chrome DevTools. This script calculates bounding boxes and viewport scaling to detect visual clipping in the generated slides, which is a legitimate quality assurance step.
- [DATA_EXPOSURE]: The skill automatically reads brand-specific information from ~/.claude/design-systems/ and project-level configuration files (e.g., tailwind.config.js). This facilitates the 'Phase 0' auto-detection of design tokens to ensure the generated output aligns with the user's existing brand guidelines.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting untrusted data from external URLs (GitHub, Figma) and local configuration files. While these files could contain malicious instructions, the risk is categorized as low given the skill's primary focus on visual design and layout.
Audit Metadata