deck-studio

Warn

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides and instructs the execution of multiple JavaScript files (generate.js, assemble.js) to generate slide content and assemble PPTX files.
  • [REMOTE_CODE_EXECUTION]: The skill references and executes local scripts such as 'scripts/install_skill.py' and 'scripts/run_routing_evals.py' which are included in the repository and are used for installation and evaluation tasks.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'pptxgenjs' library via npm, which is a well-known and widely used service for PowerPoint generation.
  • [COMMAND_EXECUTION]: The slide rendering pipeline invokes the local Google Chrome binary in headless mode to capture screenshots of generated HTML pages, which is an expected automation pattern for this use case.
  • [PROMPT_INJECTION]: The skill processes user-supplied text to generate HTML templates without explicit sanitization, creating an attack surface for indirect prompt injection if malicious HTML or JavaScript is included in the slide content processed by the headless browser.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 6, 2026, 03:24 AM
Security Audit — agent-trust-hub — deck-studio