html-ppt-xhs-pastel-card
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The example HTML file imports web fonts from Google Fonts (
fonts.googleapis.com). This is standard practice for web design and does not pose a security risk. - [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive file access, credential harvesting, or network-based data exfiltration patterns were found.
- [REMOTE_CODE_EXECUTION]: The skill does not attempt to download or execute external scripts or binaries. It instructions the agent to use local assets (CSS/JS) to build the presentation deck.
- [PROMPT_INJECTION]: The skill's instructions are focused on formatting and structure; no attempts to override system safety or bypass ethical constraints were observed.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process user-provided topics to generate slide content. While it ingests external data, the output is restricted to static HTML/CSS slide generation, which is a low-risk capability surface.
- [DYNAMIC_EXECUTION]: The skill provides instructions for the agent to construct an HTML file by inlining local CSS and JS files. This is a legitimate file-creation workflow for generating standalone presentation artifacts.
Audit Metadata