generate-slides
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches content from external URLs provided in the `AGENDA.md` file to generate source summaries for slides.
- [COMMAND_EXECUTION]: The skill performs shell command checks for environment tools (`node`, `marp`) and executes the `marp-cli` tool to convert markdown into a final HTML presentation.
- [PROMPT_INJECTION]: The skill processes untrusted web content, which presents a surface for indirect prompt injection attacks.
  - Ingestion points: External research content is fetched from URLs and stored in `docs/sources/` (detailed in `SKILL.md` and `SOURCES.md`).
  - Boundary markers: The skill includes clear instructions to the agent to treat fetched content as untrusted data and explicitly ignore any directives found within it.
  - Capability inventory: The skill uses the `marp` command-line tool to process the final presentation markdown.
  - Sanitization: The `SOURCES.md` file contains a dedicated security section with patterns to detect and skip malicious instructions in fetched content, such as "ignore previous instructions" or role-play attempts.
  - Note on Static Detection: A static analysis flag for instruction override was found to be a false positive; the identified text is part of the skill's own security filtering logic.
Audit Metadata