Pptx

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The prompt explicitly demands loading a separate "PAI" context file (read ~/.claude/PAI/SKILL.md) that exposes contact lists, voice IDs, personal preferences and other sensitive data unrelated to PPTX creation — an instruction to access potentially sensitive external context that is outside the skill's stated purpose and functions like a hidden/exfiltration directive.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs use of sudo apt-get to install system packages (LibreOffice, Poppler) and recommends global installs (npm -g), which pushes the agent to obtain elevated privileges and modify the host system state.