pptx-generation

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process untrusted external data sources such as CSVs, financial reports, memos, and PDFs to generate slide content.
  • Ingestion points: Untrusted data enters the agent context via the [INPUTS] and [DATA SOURCES] sections defined in references/simple-deck-template.md and references/complex-deck-architecture.md.
  • Boundary markers: The templates use simple bracketed placeholders for data but lack robust delimiters or explicit instructions to ignore potentially malicious embedded commands within the processed files.
  • Capability inventory: The skill possesses the capability to generate and save PowerPoint files using the html2pptx tool, which is invoked across all generation phases.
  • Sanitization: There is no evidence of content sanitization, escaping, or validation to prevent instructions embedded within user-provided data from influencing the agent's behavior.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 07:18 AM