paper-deck

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script scripts/merge_deck.py using python3 to merge images into presentation files. This is a legitimate functional capability but involves shell execution of a script that processes files within the user's environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the way it processes external data.
  • Ingestion points: Step 1 (Input Analysis) accepts external URLs (arXiv, DOI, web links) and local PDF files.
  • Boundary markers: Absent. The skill does not instruct the agent to use delimiters or specifically ignore instructions that might be embedded in the analyzed papers.
  • Capability inventory: The skill has the capability to write multiple files (analysis.md, deck-brief.md, outline.md, prompts, images) and execute a local shell command for merging assets.
  • Sanitization: Absent. There are no mechanisms described for sanitizing or escaping the content extracted from the papers before it is used to generate prompts for the image generation backend.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 07:00 PM
Security Audit — agent-trust-hub — paper-deck