presentation-builder
Warn
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions require cloning a repository from an unverified third-party GitHub account (
vkehfdl1/slides-grab) and installing its dependencies usingnpm ci. This pattern introduces a risk of executing unvetted code from an external source. - [COMMAND_EXECUTION]: The skill executes multiple shell commands to set up and run the presentation tool, including
npm ci,npx playwright install chromium, and variousslides-grabsubcommands. Playwright specifically downloads and executes browser binaries (Chromium), which increases the local execution footprint. - [INDIRECT_PROMPT_INJECTION]: The skill has a defined attack surface for indirect injection as it processes external content (topic, document, or brief) to generate slide outlines and HTML content. However, it includes a human-in-the-loop 'Plan' phase and 'Review' phase which serves as a boundary marker to mitigate automated obedience to injected instructions.
Audit Metadata