Skills
skills/wentorai/research-claw/ppt-master/Gen Agent Trust Hub

ppt-master

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references an external GitHub repository (hugohe3/ppt-master) and instructs the user to manually clone it and install Python dependencies. This requires local setup of third-party code to function.
  • [PROMPT_INJECTION]: The skill processes untrusted content through an indirect prompt injection surface.
  • Ingestion points: The skill facilitates processing of slide SVG contents and document data within the project directory (SKILL.md).
  • Boundary markers: None explicitly defined for the processed data.
  • Capability inventory: The skill utilizes the rc.ppt.export and rc.ppt.init methods to execute scripts within the local pipeline (SKILL.md).
  • Sanitization: The instructions include a specific note to keep project names filesystem-safe using the regex [a-zA-Z0-9._-] to prevent directory traversal or command injection risks.
  • [SAFE]: The skill provides explicit warnings and best practices for filesystem-safe project naming to mitigate common injection vulnerabilities in local integrations.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 01:19 AM