baoyu-slide-deck

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill relies on external Node.js dependencies for document generation, specifically 'pptxgenjs' and 'pdf-lib'. These are well-established libraries for their respective purposes.
  • [COMMAND_EXECUTION]: The skill uses the 'bun' runtime to execute local TypeScript scripts ('scripts/merge-to-pptx.ts' and 'scripts/merge-to-pdf.ts') to compile the final slide images into presentation files. This is consistent with the primary purpose of the skill.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of user-provided content.
  • Ingestion points: Content provided by the user is stored in 'source.md' and then processed into an 'outline.md' file.
  • Boundary markers: There are no explicit delimiters or instructions (e.g., 'ignore embedded commands') to separate user content from the agent's instructions during prompt assembly.
  • Capability inventory: The skill has access to image generation tools (e.g., 'baoyu-imagine' or native tools) and can execute shell commands via 'bun'.
  • Sanitization: No evidence of sanitization, escaping, or filtering of the user's input was found before the content is placed into the 'SLIDE CONTENT' block of the 'base-prompt.md' template used for image generation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 11:18 PM
Security Audit — agent-trust-hub — baoyu-slide-deck