slides-grab-plan
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user data (topics, requirements, feedback) and research results, which are interpolated into prompts for a sub-agent. This represents an indirect prompt injection surface.
- Ingestion points: User inputs and research results are ingested as defined in SKILL.md and references/plan-workflow-reference.md.
- Boundary markers: The skill uses simple bracketed placeholders (e.g., [user topic]) within task prompts, offering minimal separation between instructions and untrusted content.
- Capability inventory: The skill can trigger sub-agent tasks via the Task tool and execute specific commands using the slides-grab CLI.
- Sanitization: No explicit sanitization or strict boundary markers (such as XML tags or explicit 'ignore' instructions) are present for processing external data.
- [COMMAND_EXECUTION]: The skill uses the slides-grab CLI tool for style management and previewing. This is a legitimate use of the tool within the skill's defined scope and does not involve risky permissions.
Audit Metadata