baoyu-slide-deck

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the bun or npx runtime to execute local scripts (scripts/merge-to-pptx.ts and scripts/merge-to-pdf.ts) for document assembly. These scripts perform standard file system operations, such as reading the generated PNG images and writing the final PPTX and PDF output files, within the project directory.
  • [EXTERNAL_DOWNLOADS]: The included scripts depend on well-known and reputable Node.js packages, specifically pdf-lib and pptxgenjs. These libraries are standard industry tools for document manipulation and are used here for their intended purpose.
  • [DATA_EXFILTRATION]: The skill accesses a configuration file (EXTEND.md) located in the user's home directory under .config/baoyu-skills/ or similar paths. This is a standard pattern for CLI-style tools to maintain persistent user preferences (e.g., preferred visual style or image backend) and does not involve accessing sensitive credentials like SSH keys or environment variables.
  • [PROMPT_INJECTION]: The skill contains a prompt instruction in references/base-prompt.md advising the image generation component to create stylized alternatives for sensitive or copyrighted figures rather than refusing. While this attempts to influence the behavioral filters of the image generator, it is a creative instruction for the specific task and does not compromise the security or safety constraints of the AI agent itself.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it processes external, potentially untrusted content (source documents) and interpolates it into prompts for image generation. The risk is mitigated by the use of structured prompt templates and headers such as ## SLIDE CONTENT, which serve as boundary markers for the ingested data.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 02:04 AM