ppt-deck
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill logic in run.py is limited to dictionary manipulation and template formatting. It does not contain any calls to risky functions such as eval, exec, or subprocess.run.
- [PROMPT_INJECTION]: While the skill accepts user-provided topics and subtitles, these are treated as data fields within a structured output. The static prompt template (outline_prompt) does not provide a mechanism for user input to override system instructions or bypass security filters.
- [REMOTE_CODE_EXECUTION]: The skill does not download external scripts or packages. It relies on local imports and standard Python libraries for its core functionality.
- [DATA_EXFILTRATION]: No network operations or sensitive data access patterns were detected. The script only outputs data to standard output via the skill runner utility.
Audit Metadata