pitch-deck
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill instructs the agent to run
python3 scripts/create_pitch_deck.py. Since the source code for this script is missing from the skill directory, its behavior (such as file system or network access) cannot be verified. - COMMAND_EXECUTION (LOW): The skill uses
grepto search within its own reference files. While functional, this represents a shell command execution surface. - EXTERNAL_DOWNLOADS (LOW): The documentation recommends installing the
python-pptxlibrary viapip3. While a standard library, this involves installing code from external registries. - INDIRECT_PROMPT_INJECTION (LOW): The skill ingests user-provided text for slide content and writes it to a JSON file. 1. Ingestion points: Data gathered in Step 1 (company name, problem, solution, etc.). 2. Boundary markers: None; no delimiters or 'ignore' instructions are used to separate user data from the generation process. 3. Capability inventory: Ability to execute shell commands (
python3,grep) and write files (pitch_data.json). 4. Sanitization: No evidence of input validation or sanitization before processing the untrusted user data.
Audit Metadata