slides
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands via the Bash tool to perform file management, invoke Chrome for headless rendering, and execute ffmpeg for video assembly.
- [REMOTE_CODE_EXECUTION]: The skill generates and executes Python scripts locally using
python3 -cto perform image manipulation with the Pillow library and to calculate timing for video concatenation. - [DATA_EXFILTRATION]: The skill is configured to use the WebSearch tool to gather information and facts based on user-provided topics to populate slide content.
- [EXTERNAL_DOWNLOADS]: The design system references Google Fonts (a well-known service) via CDN to ensure consistent typography in the generated slides.
- [PROMPT_INJECTION]: The skill uses complex instructional logic to determine slide design strategies based on user input, but does not contain patterns intended to bypass safety guidelines or override agent behavior.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user-provided content (scripts and topics) which is then interpolated into HTML templates and rendered by a browser.
- Ingestion points: User-provided script files or topic keywords.
- Boundary markers: None identified in the prompt templates.
- Capability inventory: File system access (Read/Write), shell execution (Bash), and headless browser rendering.
- Sanitization: The instructions do not explicitly define sanitization steps for user-provided text before HTML interpolation.
Audit Metadata