slidev
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, PROMPT_INJECTION, REMOTE_CODE_EXECUTION)
Full Analysis
- Unverifiable Dependencies (HIGH): The skill instructs the agent to run `pnpm create slidev`, which downloads and executes unverified code from a non-whitelisted source.
- Indirect Prompt Injection (HIGH): The skill facilitates writing user-provided content into markdown files that support executable Vue/Vite components, creating a risk for script injection.
  - Ingestion points: User content for presentations.
  - Boundary markers: None identified.
  - Capability inventory: File-writing operations and execution of development servers.
  - Sanitization: No verification or sanitization of user-supplied code is documented.
- Dynamic Execution (MEDIUM): The framework uses Vite to dynamically transpile and run scripts embedded within markdown files at runtime.
Recommendations
- AI detected serious security threats
Audit Metadata