create-slidev-presentation
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
pnpmandslidevCLI tools to initialize projects, run development servers, and build or export presentations. These are standard operations for the Slidev framework. - [EXTERNAL_DOWNLOADS]: Includes instructions to download
playwright-chromiumfrom the npm registry to enable PDF export features. Playwright is an established tool from Microsoft. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it reads and edits markdown content that may originate from untrusted sources.
- Ingestion points: Reads presentation content from
slides.mdand related markdown files. - Boundary markers: Employs triple-dash (
---) separators and YAML frontmatter blocks. - Capability inventory: Performs CLI-based file generation, server hosting, and file exports via Node.js.
- Sanitization: No specific input sanitization is mentioned; the skill relies on the underlying Slidev engine and markdown parsers.
Audit Metadata