glmv-pdf-to-ppt
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads PDF files from remote HTTP/HTTPS locations using the
curlutility if a URL is provided as input.\n- [COMMAND_EXECUTION]: The skill executes several local scripts (pdf_to_images.py,crop.py,generate_slide.py) and standard system commands (mkdir,curl) to handle file management and document processing.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted PDF content during the planning and summarization phases.\n - Ingestion points: Untrusted data enters the agent context via PDF images processed in Phase 2 and Phase 3.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified in the prompt when reading document content.\n
- Capability inventory: The skill has the ability to write files, execute subprocesses, and trigger an Agent tool subagent.\n
- Sanitization: There is no explicit sanitization or filtering of content extracted from the source PDF images.
Audit Metadata