PPTX Generation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external markdown content and JSON data structures to generate presentations, creating an Indirect Prompt Injection surface. Malicious instructions embedded in these inputs could attempt to influence agent behavior. Ingestion points: Markdown input examples and Slide Types data shapes in SKILL.md. Boundary markers: None identified. Capability inventory: Local file write via CLI output flag and local file access for images. Sanitization: No explicit sanitization or validation of input content is documented.
- [COMMAND_EXECUTION]: The skill uses
npx ts-nodeto execute a local script file (.github/muscles/pptxgen-cli.ts). While this is part of the skill's intended functionality for programmatic generation, it involves the execution of local code. - [DATA_EXFILTRATION]: The skill supports embedding images using local file paths. This functionality could be exploited to read sensitive system or configuration files (e.g., SSH keys, .env files) if the agent is directed to use an unauthorized path as an image source, potentially exposing the file contents within the generated PPTX file.
Audit Metadata