ppt-agent
Fail
Audited by Snyk on Jun 10, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). The skill contains multiple deliberate patterns that materially enable opaque execution, prompt-injection and supply-chain risks (prohibiting source inspection, auto-running subagents with injected prompts, and template injection), which could be abused for data exfiltration or backdoor behavior.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Step 2A 的 ResearchSynth subagent 在运行时会进行“联网检索/抓取网页内容”,其抓取到的公开网页文本会被整理进
search.txt/search-brief.txt并作为可读文本喂回 subagent 的 LLM 上下文,属于 OUTSIDER(公共 web 内容)→ 间接提示注入风险路径。
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (3)
E006
CRITICALMalicious code pattern detected in skill scripts.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W021
MEDIUMHidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata