Skills
skills/varnan-tech/opendirectory/graphic-slide-deck/Gen Agent Trust Hub

graphic-slide-deck

Warn

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes bash and python scripts using absolute paths to an external directory (/Users/ksd/Desktop/Varnan_skills/frontend-slides/). These scripts handle core functionality such as PDF generation, web deployment, and PowerPoint content extraction.
  • [EXTERNAL_DOWNLOADS]: The skill triggers the automatic download and installation of the Playwright browser automation library when the PDF export feature is first used. It also fetches fonts from external CDNs like Google Fonts and Fontshare.
  • [DATA_EXFILTRATION]: Provides an optional feature to deploy generated slide decks to Vercel, which involves transmitting the presentation's code and content to an external cloud service.
  • [REMOTE_CODE_EXECUTION]: The installation process for the skill involves executing a remote package via npx, and the PDF generation script performs an unverified installation of external software (Playwright) at runtime.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 8, 2026, 03:09 PM
Security Audit — agent-trust-hub — graphic-slide-deck