Skills
skills/besoeasy/open-skills/presenton/Gen Agent Trust Hub

presenton

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the Presenton Docker image from the GitHub Container Registry (ghcr.io/presenton/presenton:latest) to run the core presentation engine.
  • [COMMAND_EXECUTION]: Utilizes docker run to start the local service and curl commands to interact with the REST API for generating slides and uploading templates.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because user-provided content is passed to an LLM without clear sanitization.
  • Ingestion points: The prompt field in the /api/v1/ppt/generate endpoint and the generate_presentation tool within the MCP server.
  • Boundary markers: No specific delimiters or safety instructions are used to wrap the user-provided prompt during interpolation.
  • Capability inventory: The skill can write files to the local disk (curl -o presentation.pptx) and perform network requests via curl and fetch.
  • Sanitization: There is no evidence of input validation or content filtering for the user-provided prompts within the skill definition.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 04:36 AM