ckm-slides
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill references a Python script for searching slide components located at `.claude/skills/design-system/scripts/search-slides.py`. This script is an external dependency used to fetch copywriting formulas, layouts, and strategies from a separate design system skill directory.
- [PROMPT_INJECTION]: The skill processes user input via the `$ARGUMENTS` variable in `references/create.md`, which is interpolated into a task block. This represents an indirect prompt injection surface.
  - Ingestion points: User input captured in `$ARGUMENTS` within `references/create.md`.
  - Boundary markers: The skill uses `<task>` XML-style tags as delimiters.
  - Capability inventory: The agent can perform command execution (Python) and generate HTML files.
  - Sanitization: No explicit sanitization or instructions to ignore instructions within the input are provided.
- [EXTERNAL_DOWNLOADS]: The HTML template in `references/html-template.md` loads the Chart.js library from the well-known jsDelivr CDN. This is a common practice for including front-end dependencies in generated HTML presentations.
Audit Metadata