skills/bmad-labs/skills/slide-maker/Gen Agent Trust Hub

slide-maker

Fail

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The feedback-bridge.mjs script starts a local HTTP server that accepts feedback data via POST requests. It uses the screenshotFile property from the received JSON payload directly in path.join() without sanitization. This enables a path traversal attack where a malicious request (potentially from an external website targeting the local port) could cause the script to overwrite arbitrary files on the user's host machine.
  • [COMMAND_EXECUTION]: The receive-feedback.mjs script exhibits similar path traversal vulnerabilities. It uses unsanitized input from the feedback JSON to construct file paths for moving and copying files, potentially allowing arbitrary file writes outside the intended directory.
  • [EXTERNAL_DOWNLOADS]: The skill's instructions in SKILL.md direct the AI agent to clone a third-party repository (https://github.com/nextlevelbuilder/ui-ux-pro-max-skill) to resolve design system suggestions. This repository is not from a recognized trusted organization. While the skill correctly includes a safeguard requiring explicit user consent before the fetch, the reliance on an external, untrusted source for functional instructions remains a security concern.
  • [REMOTE_CODE_EXECUTION]: The skill's architecture involves downloading and potentially invoking instructions or capabilities from an external repository (nextlevelbuilder/ui-ux-pro-max-skill), which constitutes a remote code execution surface.
  • [COMMAND_EXECUTION]: Multiple scripts within the deck-template/scripts/ directory use child_process.spawn or child_process.execFileSync to execute system commands such as soffice (LibreOffice), pdftoppm, npm, and node. While these are for the skill's primary purpose of document generation and conversion, they significantly increase the skill's overall attack surface.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jul 9, 2026, 02:15 PM
Security Audit — agent-trust-hub — slide-maker