frontend-slides
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Python to execute generated scripts for extracting content from PowerPoint files and the 'open' command to launch the final presentation in a web browser, which are standard operations for its stated purpose.\n- [EXTERNAL_DOWNLOADS]: The skill requires the 'python-pptx' library and fetches visual assets from well-known services like Google Fonts and Fontshare to provide high-quality typography.\n- [INDIRECT_PROMPT_INJECTION]: The skill processes external data from user-provided PowerPoint files, which constitutes a potential surface for indirect instructions.\n
- Ingestion points: Content and speaker notes are extracted from .pptx files and user-provided text (SKILL.md Phase 4.1).\n
- Boundary markers: The skill implements a confirmation step where the agent presents extracted content to the user for verification before generation (SKILL.md Phase 4.2).\n
- Capability inventory: Capabilities include Python execution for extraction, local file writing for HTML and assets, and system commands to open the results (SKILL.md Phase 3 & 4.1).\n
- Sanitization: No explicit automated sanitization is described; the skill relies on the 'show and confirm' workflow for user oversight.\n- [DYNAMIC_EXECUTION]: The skill generates Python code from a static template to process PowerPoint files dynamically at runtime.
Audit Metadata