skills/majiayu000/spellbook/slides/Gen Agent Trust Hub

slides

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands via the Bash tool to perform file management, invoke Chrome for headless rendering, and execute ffmpeg for video assembly.
  • [REMOTE_CODE_EXECUTION]: The skill generates and executes Python scripts locally using python3 -c to perform image manipulation with the Pillow library and to calculate timing for video concatenation.
  • [DATA_EXFILTRATION]: The skill is configured to use the WebSearch tool to gather information and facts based on user-provided topics to populate slide content.
  • [EXTERNAL_DOWNLOADS]: The design system references Google Fonts (a well-known service) via CDN to ensure consistent typography in the generated slides.
  • [PROMPT_INJECTION]: The skill uses complex instructional logic to determine slide design strategies based on user input, but does not contain patterns intended to bypass safety guidelines or override agent behavior.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user-provided content (scripts and topics) which is then interpolated into HTML templates and rendered by a browser.
  • Ingestion points: User-provided script files or topic keywords.
  • Boundary markers: None identified in the prompt templates.
  • Capability inventory: File system access (Read/Write), shell execution (Bash), and headless browser rendering.
  • Sanitization: The instructions do not explicitly define sanitization steps for user-provided text before HTML interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 03:58 PM
Security Audit — agent-trust-hub — slides