Skills
skills/narumiruna/skills/slide-creator/Gen Agent Trust Hub

slide-creator

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes local scripts using the uv tool, including init_presentation.py and check_contrast.py, for workflow automation. It also recommends using svglint for local file validation.
  • [PROMPT_INJECTION]: The skill ingests untrusted user-supplied data such as presentation titles and author names, creating a surface for indirect prompt injection. 1. Ingestion points: Command-line arguments and slide content inputs defined in SKILL.md. 2. Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the provided files. 3. Capability inventory: The skill can execute local scripts and write Markdown and SVG files. 4. Sanitization: No sanitization or input validation logic is present in the provided orchestration files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 02:18 PM
Security Audit — agent-trust-hub — slide-creator