skills/lc2panda/wps-mcp/wps-ppt/Gen Agent Trust Hub

wps-ppt

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to read and act upon content extracted from external PowerPoint files.
  • Ingestion points: SKILL.md defines tools such as wps_ppt_get_slide_info, wps_ppt_get_slide_notes, and wps_ppt_find_ppt_text which allow the agent to ingest text and metadata from presentation slides.
  • Boundary markers: The instructions do not provide delimiters or specific directives for the agent to distinguish between its own instructions and potentially malicious instructions embedded in the PPT content.
  • Capability inventory: The skill provides a high degree of control over the system through 111 MCP tools (listed in SKILL.md), including file opening (wps_ppt_open_presentation), content modification, and object placement.
  • Sanitization: There is no evidence of sanitization or validation logic to filter out potentially harmful commands or characters from the data retrieved from the PowerPoint files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 02:15 AM
Security Audit — agent-trust-hub — wps-ppt