textbook-to-presentation-generator

Warn

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill workflow requires the agent to dynamically generate a JavaScript file and then execute it using the node command. It also instructs the agent to run python -m markitdown for output verification.
  • [PROMPT_INJECTION]: There is an indirect prompt injection surface as the skill processes untrusted data from the docs/ and input-knowledge/ directories to design slides and write speaker notes. Malicious instructions within these files could influence the agent's behavior.
  • Ingestion points: Reads textbook content from docs/course-description.md, docs/chapters/*/index.md, and input-knowledge/.
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands in the source data.
  • Capability inventory: The skill possesses the ability to execute shell commands (node, python) and perform file system operations.
  • Sanitization: No evidence of content sanitization or validation is present before the external content is processed.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the pptxgenjs package from the NPM registry. This is a well-known service and a standard library for generating presentations.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 21, 2026, 03:36 PM
Security Audit — agent-trust-hub — textbook-to-presentation-generator