slide-deck
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest content from external documents, notes, and brand guidelines to generate slide decks, which creates an attack surface for indirect prompt injection.
- Ingestion points: Reads local files in the working directory such as
BRAND.md,brand-guidelines.md, and user-provided source documents or transcripts (SKILL.md). - Boundary markers: Absent. The instructions do not specify any delimiters or directives to the agent to treat ingested file content as untrusted or to ignore embedded instructions.
- Capability inventory: The skill performs file system write operations to save the generated presentation as an HTML file (
SKILL.md). - Sanitization: Absent. The instructions do not provide requirements for escaping or sanitizing data extracted from source documents before it is embedded into the final HTML/JS file, which could theoretically allow for the injection of malicious scripts if the source material is untrusted.
Audit Metadata