carousels
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of internal Node.js scripts (
generate-image.mjsandrender.mjs) to automate image generation and document rendering tasks. These operations are necessary for the skill's primary functionality and are performed within the user's local workspace.\n- [EXTERNAL_DOWNLOADS]: The skill depends on the 'puppeteer' package and requires the download of browser binaries for slide rendering. These are standard, well-known dependencies for headless browser automation and are documented for the user.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted source text to generate slide content and prompts. \n - Ingestion points: Pasted text or local files ingested during Phase 1 of the skill workflow.\n
- Boundary markers: The skill does not explicitly use delimiters to separate user content from its own instructions.\n
- Capability inventory: The agent can write to the local file system and execute internal scripts for image and document generation.\n
- Sanitization: Source content is used directly for editorial distillation and prompt generation without prior sanitization or filtering.
Audit Metadata