Skills
skills/boom5426/nature-paper-skills/academic-presentations/Gen Agent Trust Hub

academic-presentations

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the nanobanana extension from a GitHub repository and downloads a pre-trained model for the Kokoro TTS engine from HuggingFace.
  • [COMMAND_EXECUTION]: The skill executes multiple command-line utilities including ffmpeg for video assembly, LibreOffice (soffice) for document conversion, and pdftoppm (poppler) for image extraction.
  • [DATA_EXFILTRATION]: Script text and document content are transmitted to external services including Microsoft Edge TTS, ElevenLabs, and Gemini as part of its normal operation.
  • [PROMPT_INJECTION]: The skill processes research papers which are external, untrusted data sources susceptible to indirect prompt injection attacks. Evidence: 1. Ingestion points: Research papers processed via SKILL.md. 2. Boundary markers: Absent from prompt templates. 3. Capability inventory: System-level execution of ffmpeg, soffice, and pdftoppm. 4. Sanitization: No content filtering or sanitization steps are documented.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 09:09 AM