baoyu-slide-deck
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill relies on external Node.js dependencies for document generation, specifically 'pptxgenjs' and 'pdf-lib'. These are well-established libraries for their respective purposes.
- [COMMAND_EXECUTION]: The skill uses the 'bun' runtime to execute local TypeScript scripts ('scripts/merge-to-pptx.ts' and 'scripts/merge-to-pdf.ts') to compile the final slide images into presentation files. This is consistent with the primary purpose of the skill.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of user-provided content.
- Ingestion points: Content provided by the user is stored in 'source.md' and then processed into an 'outline.md' file.
- Boundary markers: There are no explicit delimiters or instructions (e.g., 'ignore embedded commands') to separate user content from the agent's instructions during prompt assembly.
- Capability inventory: The skill has access to image generation tools (e.g., 'baoyu-imagine' or native tools) and can execute shell commands via 'bun'.
- Sanitization: No evidence of sanitization, escaping, or filtering of the user's input was found before the content is placed into the 'SLIDE CONTENT' block of the 'base-prompt.md' template used for image generation.
Audit Metadata