pptx

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.80). The prompt instructs the agent to "think out loud" (explicitly telling the model to reveal internal reasoning) and to follow mandatory reading/behavior rules that are not required for normal PPTX operations, which effectively requests chain-of-thought and changes agent behavior beyond the skill's stated purpose.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly includes privileged system installation commands (e.g., "sudo apt-get install libreoffice" and "sudo apt-get install poppler-utils"), which instruct running actions that modify the machine state with elevated privileges.