promotion-doc-designer
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE (findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface, as its primary function involves processing untrusted user data for document creation.
  - Ingestion points: User-provided titles, subtitles, and body content are ingested via parameters in 'SKILL.md' and the 'scripts/create_promotion_pdf.py' script.
  - Boundary markers: The provided template code lacks explicit delimiters or system instructions to disregard potential commands embedded within the user-supplied content.
  - Capability inventory: The skill has the capability to write files locally (PDF and PPTX formats) but lacks network or shell execution permissions.
  - Sanitization: No validation or sanitization of user content is demonstrated before its interpolation into the document generation logic.
- [EXTERNAL_DOWNLOADS]: The skill's developer documentation in 'README_DEV.md' references 'reportlab' and 'python-pptx'. These are well-known, legitimate libraries for document generation and are documented neutrally as standard dependencies.
Audit Metadata