frontend-slides
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (
scripts/extract-pptx.py) to process user-provided PowerPoint files. This operation is limited to extracting text and images to a local directory. - [EXTERNAL_DOWNLOADS]: The skill references standard Python libraries (
python-pptx,Pillow) and well-known external font providers (Google Fonts and Fontshare) required for its core presentation generation features. - [DATA_EXPOSURE]: Processes local PowerPoint files and creates asset folders in the project directory. There is no evidence of unauthorized sensitive file access or network-based data exfiltration.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from PowerPoint files and user notes.
- Ingestion points:
.pptxfiles and user-provided text (SKILL.md Phase 4 and Phase 1). - Boundary markers: Content is wrapped in HTML tags within the template (html-template.md) but lacks explicit injection delimiters.
- Capability inventory: File-system writing, Python script execution, and browser opening (SKILL.md).
- Sanitization: No explicit sanitization of extracted PPT text before interpolation into the HTML template, though the data is rendered in a sandboxed browser environment.
Audit Metadata