html-slide
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions and backend policies describe the use of CLI tools like
codex execfor generating slide images. Documentation notes the existence of flags to bypass interactive approvals in specific automated environments.- [EXTERNAL_DOWNLOADS]: Asset references include loading stylesheets and typography from established CDNs such as jsDelivr, as well as accessing vendor-maintained design token information at getdesign.md.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted user topics to generate presentation content and image prompts. - Ingestion points: User-provided
topicinSKILL.md. - Boundary markers: None explicitly used during prompt interpolation for generating the deck manuscript.
- Capability inventory: File writing (HTML/JSON) and execution of image generation tools (
codex exec,higgsfield-image). - Sanitization: Employs a mandatory review chain (
ai-slop-reviewerandhumanize-korean) to refine generated content before final output.
Audit Metadata