yuv-decks

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to manage the local development environment, including creating directories with 'mkdir -p', initializing projects using 'npx @open-slide/cli', and managing dependencies via 'npm install'.
  • [COMMAND_EXECUTION]: Uses the GitHub CLI ('gh repo create') to automate the creation of private repositories and push local content to the cloud.
  • [EXTERNAL_DOWNLOADS]: Fetches and installs the '@open-slide/cli' and '@open-slide/core' packages from the npm registry during the project bootstrapping process.
  • [PROMPT_INJECTION]: Processes untrusted user-supplied data such as presentation topics and agendas to generate slide content and React-based JSX code. This constitutes an indirect prompt injection surface typical for content generation tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:42 AM
Security Audit — agent-trust-hub — yuv-decks