paper-deck
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script
scripts/merge_deck.pyusingpython3to merge images into presentation files. This is a legitimate functional capability but involves shell execution of a script that processes files within the user's environment. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the way it processes external data.
- Ingestion points: Step 1 (Input Analysis) accepts external URLs (arXiv, DOI, web links) and local PDF files.
- Boundary markers: Absent. The skill does not instruct the agent to use delimiters or specifically ignore instructions that might be embedded in the analyzed papers.
- Capability inventory: The skill has the capability to write multiple files (
analysis.md,deck-brief.md,outline.md, prompts, images) and execute a local shell command for merging assets. - Sanitization: Absent. There are no mechanisms described for sanitizing or escaping the content extracted from the papers before it is used to generate prompts for the image generation backend.
Audit Metadata