wps-ppt
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to read and act upon content extracted from external PowerPoint files.
- Ingestion points:
SKILL.mddefines tools such aswps_ppt_get_slide_info,wps_ppt_get_slide_notes, andwps_ppt_find_ppt_textwhich allow the agent to ingest text and metadata from presentation slides. - Boundary markers: The instructions do not provide delimiters or specific directives for the agent to distinguish between its own instructions and potentially malicious instructions embedded in the PPT content.
- Capability inventory: The skill provides a high degree of control over the system through 111 MCP tools (listed in
SKILL.md), including file opening (wps_ppt_open_presentation), content modification, and object placement. - Sanitization: There is no evidence of sanitization or validation logic to filter out potentially harmful commands or characters from the data retrieved from the PowerPoint files.
Audit Metadata