wps-ppt
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection during the processing of existing presentation data.\n
- Ingestion points: Untrusted content is ingested into the agent context from PowerPoint files via tools such as
wps_ppt_get_slide_info,wps_ppt_get_slide_notes, andwps_ppt_find_ppt_text.\n - Boundary markers: The instructions lack specific delimiters or directives to isolate content retrieved from slides from the agent's core instructions, increasing the risk of the agent obeying instructions embedded in the PPT.\n
- Capability inventory: The skill has extensive file manipulation capabilities within the WPS environment, including the ability to delete slides (
wps_ppt_delete_slide) and modify all slide content.\n - Sanitization: No sanitization or validation of the retrieved text is performed before processing.
Audit Metadata