build-presentation
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its automated fetching and summarization of external web content.
- Ingestion points: Phase 3, Step 2 in PHASES.md instructs the agent to fetch and summarize content from user-provided URLs in AGENDA.md.
- Boundary markers: There are no explicit instructions to use delimiters or warnings to ignore embedded instructions when processing fetched data.
- Capability inventory: The agent has the capability to write project files (SCAFFOLD.md) and execute shell commands (PHASES.md).
- Sanitization: No sanitization or validation of the external content is performed before it is summarized and used to generate slides.
- [COMMAND_EXECUTION]: The skill performs shell command execution to verify dependencies and generate output.
- Evidence: SKILL.md uses the 'which' command to check for the presence of 'marp'.
- Evidence: PHASES.md Phase 3 Step 5 executes the 'marp' command with arguments to generate the final HTML presentation.
- [EXTERNAL_DOWNLOADS]: The skill interacts with remote resources and recommends the installation of external tools.
- Evidence: PHASES.md Phase 3 Step 2 involves downloading content from external URLs for research and summarization.
- Evidence: SKILL.md recommends installing the '@marp-team/marp-cli' package from npm.
Audit Metadata