anygen-slide
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill implements security best practices, including setting file permissions to 0o600 for sensitive configuration files.
- [COMMAND_EXECUTION]: The skill executes bundled Python scripts (
scripts/anygen.py,scripts/auth.py,scripts/fileutil.py) to manage authentication, poll task status, and download results. These operations are limited to the skill's own directory and authorized workspace. - [EXTERNAL_DOWNLOADS]: The skill interacts with the vendor's API at
www.anygen.ioand the well-known serviceopen.feishu.cnfor platform integration. These connections are necessary for the skill's primary functionality. - [DATA_EXFILTRATION]: User-provided files are uploaded to the AnyGen API for processing. The instructions explicitly require the agent to obtain user consent before reading or uploading any local data.
- [PROMPT_INJECTION]: The skill processes untrusted user data from reference files to analyze slide requirements. This creates an indirect prompt injection surface.
- Ingestion points: Phase 1 (reading user-specified reference files in
SKILL.md). - Boundary markers: None identified in the prompt templates.
- Capability inventory:
sessions_spawnfor background monitoring, network operations to anygen.io, and file writing to~/.openclaw/workspace/. - Sanitization: The instructions mitigate risk by directing the agent to summarize key points rather than directly interpolating raw file content.
Audit Metadata