publish-to-pages

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches presentation data from Google Docs (docs.google.com) for conversion when a Google Slides URL is provided.
  • [COMMAND_EXECUTION]: Executes system and vendor commands to manage the publishing workflow, including the GitHub CLI (gh) for repository management, git for version control, and Python scripts for document conversion.
  • [PROMPT_INJECTION]: Represents an indirect prompt injection surface due to the processing of untrusted user files.
      • Ingestion points: Untrusted data enters via PPTX, PDF, and HTML files or Google Slides URLs.
      • Boundary markers: Absent; the skill converts document content directly into HTML format for deployment.
      • Capability inventory: Includes creating public GitHub repositories and pushing arbitrary HTML content.
      • Sanitization: Implements basic character escaping in the PPTX conversion script, but lacks robust sanitization for all processed content types.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 03:27 AM