skills/openclaw/gogcli/gog-slides/Gen Agent Trust Hub

gog-slides

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests data from external Google Slides presentations, which can contain instructions that attempt to influence agent behavior.
  • Ingestion points: Data enters the context via read-slide, list-slides, and raw commands as documented in SKILL.md.
  • Boundary markers: The skill suggests using the --wrap-untrusted flag to assist the agent in isolating external content in SKILL.md.
  • Capability inventory: The skill possesses broad manipulation permissions, including slide deletion, text replacement, and presentation cloning in SKILL.md.
  • Sanitization: Safety is primarily handled through the tool-level --wrap-untrusted flag.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the retrieval of remote assets for presentation use.
  • Evidence: The insert-image and replace-slide commands explicitly support fetching content from public URLs in SKILL.md.
  • Evidence: The export and thumbnail commands involve downloading files to the local environment in SKILL.md.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 08:28 PM
Security Audit — agent-trust-hub — gog-slides