slides

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes curl commands to interact with the Slide Editing API and instructs the agent to source .env.local to load environment variables, which involves executing the contents of that local file.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations using curl to interact with an external API service (LAYERPROOF_BASE_URL) for slide editing and image processing tasks.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by ingesting and processing untrusted data from external API responses.
    • Ingestion points: JSON responses received from the Slide Editing API endpoints at LAYERPROOF_BASE_URL (identified in SKILL.md).
    • Boundary markers: Absent. The skill does not provide instructions to the agent to delimit or ignore potential instructions embedded within the API output.
    • Capability inventory: The agent has the capability to execute shell commands via curl and source (identified in SKILL.md).
    • Sanitization: Absent. There is no evidence of validation or sanitization applied to the external API content before it is handled by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 08:43 AM
Security Audit — agent-trust-hub — slides