md-to-pptx
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the third-party Python libraries 'python-pptx' and 'Pillow' from the official PyPI registry. These are standard tools for document generation and image processing.
- [COMMAND_EXECUTION]: The skill's primary function is accessed by the agent executing a local Python script ('scripts/md_to_pptx.py') via the shell. This script takes user-provided input and output file paths as arguments. If the agent fails to sanitize these paths, it could lead to command injection vulnerabilities.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests untrusted Markdown data ('input.md') which is then processed to generate file content.
- Ingestion points: The 'scripts/md_to_pptx.py' script reads Markdown content from a file specified by the user or the agent.
- Boundary markers: None are present in the prompt interpolation or the script's processing logic to delimit untrusted content.
- Capability inventory: The skill has the capability to write files to the local disk ('prs.save') and relies on the agent's ability to execute subprocesses.
- Sanitization: The parser in 'scripts/md_parser.py' includes a security check that explicitly skips images with remote protocols ('http://', 'https://', 'data:'), which effectively prevents SSRF or remote resource exfiltration during the conversion process.
Audit Metadata