powerpoint-presentations

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The pptxgenjs.md reference documentation specifies that the addImage function can fetch images from external remote URLs (e.g., slide.addImage({ path: 'https://example.com/image.jpg', ... })). This is a standard feature for presentation software but involves outbound network requests to retrieve assets.
  • [COMMAND_EXECUTION]: The create_presentation tool accepts a custom_code parameter which executes arbitrary JavaScript within the scope of the PptxGenJS library. This dynamic code execution is the primary mechanism for generating complex slide layouts and visual elements.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external sources.
      • Ingestion points: The analyze_presentation and update_slide_content tools read text and structure from user-provided .pptx files. Additionally, the addImage function can fetch content from remote URLs.
      • Boundary markers: No specific delimiters or safety instructions are defined to separate untrusted text found in slides from the agent's instructions.
      • Capability inventory: The skill possesses capabilities for reading/writing files and making network requests to fetch images.
      • Sanitization: The instructions do not specify any sanitization or validation of the text content extracted from presentations before it is used in subsequent reasoning steps.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 01:09 AM