frontend-slides
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through its PowerPoint conversion and note-processing features.
- Ingestion points: Processes external .pptx files via a Python script in Phase 4 and integrates user-provided notes from Phase 1.
- Boundary markers: Does not implement specific delimiters or 'ignore' instructions to isolate extracted external content from the agent's internal logic.
- Capability inventory: Includes file-system write operations (HTML, CSS, assets) and execution of Python-based extraction logic.
- Sanitization: The provided extraction code retrieves raw text from slide shapes without visible sanitization or HTML-escaping before it is rendered in the final presentation.
- [EXTERNAL_DOWNLOADS]: Downloads CSS stylesheets for typography from Fontshare, which is recognized as a well-known and safe technology service.
- [COMMAND_EXECUTION]: Utilizes a Python script with the 'python-pptx' library to programmatically extract and process data from uploaded presentation files.
Audit Metadata