slides-grab-design

Fail

Audited by Snyk on Apr 29, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The content is largely benign design guidance but includes a high-risk pattern: a default image provider ("god-tibo-imagen") that calls an unsupported private Codex backend and reuses the user's local Codex ChatGPT credentials (~/.codex/auth.json, via codex login), creating a credential-reuse/exfiltration and supply-chain/backdoor risk by sending local auth and potentially slide content to an untrusted backend.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs fetching public web content (e.g., "slides-grab fetch-video --url " in SKILL.md step 10 and the references/design-rules.md and detailed-design-rules.md guidance to "fall back to web search + download" for images), which downloads untrusted, user-hosted third-party media into the slides workspace and displays/uses those assets as part of the design workflow.

Issues (2)

CRITICAL E006: Malicious code pattern detected in skill scripts.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Apr 29, 2026, 12:01 PM
Issues: 2
Security Audit — snyk — slides-grab-design