pptx-author
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references a repository from a well-known organization (`github.com/anthropics/financial-services`) and provides instructions to install the `python-pptx` library from standard registries.
- [DATA_EXFILTRATION]: File access is limited to specific local directories (`./out/` and `./templates/`). The skill documentation explicitly states that it does not perform network operations such as emailing or uploading files.
- [PROMPT_INJECTION]: The skill ingests data from local Excel workbooks and images, which creates an attack surface for indirect prompt injection.
  - Ingestion points: Data is read from `./out/model.xlsx` and images from `./out/charts/` as specified in `SKILL.md`.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded content within the ingested files.
  - Capability inventory: The skill is capable of directory creation, file writing, and reading Excel workbooks as described in `SKILL.md`.
  - Sanitization: The instructions do not define specific sanitization or validation steps for the external content before it is processed into the presentation slides.
Audit Metadata