googleslides-automation
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill does not access or hardcode sensitive information such as API keys, tokens, or private configuration files.
- [SAFE]: Network connections are directed exclusively to the official vendor documentation and connectivity endpoints at composio.dev and rube.app.
- [SAFE]: No privilege escalation, persistence mechanisms, or obfuscated payloads were detected in the skill's instructions.
- [PROMPT_INJECTION]: The skill presents an ingestion surface for indirect prompt injection as it processes Markdown content through tools like
GOOGLESLIDES_CREATE_SLIDES_MARKDOWN. Evidence: 1. Ingestion points: Themarkdown_textparameter in slide creation and update tools. 2. Boundary markers: None identified in the prompt instructions to isolate untrusted user data. 3. Capability inventory: The skill's capabilities are limited to Google Slides API operations via the Rube MCP toolkit; it lacks scripts for local command execution or filesystem manipulation. 4. Sanitization: No validation or sanitization requirements for the Markdown input are specified in the instructions.
Audit Metadata