html-ppt-dir-key-nav-minimal
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) by ingesting user-provided ideas to generate HTML slide content.
- Ingestion points: The agent takes user-supplied topics and core ideas (as described in the
example_prompt) to populate the slides inindex.html. - Boundary markers: No specific delimiters or instructions are provided to the agent to sanitize or ignore embedded instructions within the user-provided slide content.
- Capability inventory: The skill's primary function involves generating and writing HTML/CSS files to the local file system based on the
dir-key-nav-minimaltemplate. - Sanitization: There are no instructions for escaping or validating the user-provided text before it is placed into the HTML structure, which could lead to script injection if the generated file is opened in a browser.
Audit Metadata