slides-creator

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting untrusted user content to build presentation narratives and delegated tool prompts.
    • Ingestion points: SKILL.md (Phase 0: Source Material Collection) instructs the agent to gather user transcripts, articles, notes, and external references to serve as the foundation for the slide deck.
    • Boundary markers: No explicit delimiters (e.g., XML tags or "ignore instructions" warnings) are specified to separate user-provided content from the agent's internal logic during processing.
    • Capability inventory: The skill uses scripts/main.ts to execute local shell commands (via uv run for Python scripts) and delegates visual generation tasks to the baoyu-slide-deck skill.
    • Sanitization: There is no mention of sanitizing or escaping user-provided text before it is used to generate content in content.md or incorporated into prompts for the downstream slide generation tool.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 04:01 PM