frontend-slides
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes Python scripts and the
python-pptxlibrary to programmatically read PowerPoint files and extract their contents, including text and images, to the local file system. It also employs theopencommand to display the final presentation in a web browser. - [EXTERNAL_DOWNLOADS]: Generated presentations include links to external font repositories such as Google Fonts and Fontshare to apply specific typography styles.
- [PROMPT_INJECTION]: The skill processes untrusted external data from PowerPoint files and user-provided notes, which could contain instructions designed to manipulate the agent's output. This represents an indirect prompt injection surface.
- [PROMPT_INJECTION]: Ingestion points: PowerPoint file extraction in SKILL.md (Phase 4).
- [PROMPT_INJECTION]: Boundary markers: None identified in the extraction or summarization steps.
- [PROMPT_INJECTION]: Capability inventory: Python script execution, file system writes (assets), and HTML/JS generation.
- [PROMPT_INJECTION]: Sanitization: No explicit sanitization or filtering of extracted text is described.
Audit Metadata