skills/iii-hq/iii/presentation/Gen Agent Trust Hub

presentation

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute standard development commands, including pnpm install, pnpm type-check, pnpm dev, and pnpm build. These are necessary for the skill's stated purpose of scaffolding and verifying a web-based presentation project.
  • [EXTERNAL_DOWNLOADS]: The generated project templates reference well-known external resources, specifically fonts from Google's font CDN and standard open-source libraries (e.g., React, Mermaid, Tailwind) from the NPM registry. These are common in web development and do not represent a security risk.
  • [PROMPT_INJECTION]: The skill operates by ingesting untrusted data from markdown specification files to generate content. This represents a potential surface for indirect prompt injection. However, the risk is minimized by the skill's workflow, which requires the agent to propose a narrative outline for user approval before generating any code, serving as a human-in-the-loop checkpoint.
  • Ingestion points: Tech-spec markdown files located in tech-specs/<slug>/*.md.
  • Boundary markers: The skill uses a custom parser for YAML frontmatter and the marked library for markdown content, which treats the input as data to be rendered rather than instructions to be executed.
  • Capability inventory: The skill can perform file writes within the workspace, install NPM packages, and run local build/development servers.
  • Sanitization: Content is processed through standard markdown rendering pipelines, and the workflow is gated by user approval of the proposed outline.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 06:26 PM
Security Audit — agent-trust-hub — presentation