pptx
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts and renders external web content (e.g., pptxgenjs.md shows slide.addImage({ path: "https://..."}), slide.background from a URL, and html2pptx uses Playwright to render HTML files), meaning the agent can fetch and interpret arbitrary public URLs and user-supplied web/HTML content as part of its workflow.
Audit Metadata