powerpoint-presentations
Warn
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The create_presentation tool relies on a custom_code parameter that executes agent-generated JavaScript code using the PptxGenJS library. This dynamic code execution pattern is used for slide construction but presents a potential risk if the code generation is manipulated.
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection.
  - (1) Ingestion points: The analyze_presentation tool in editing-guide.md extracts text content and element IDs from slide shapes.
  - (2) Boundary markers: There are no instructions to use delimiters or ignore embedded commands within the analyzed slide content.
  - (3) Capability inventory: The agent can execute JavaScript code, delete slides, and update content in the file system.
  - (4) Sanitization: The skill does not describe any validation or escaping of extracted slide text before it is presented to the agent as context.
- [EXTERNAL_DOWNLOADS]: The PptxGenJS implementation referenced in pptxgenjs.md allows for fetching image assets and backgrounds from remote URLs via the path attribute.