html-slides
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the reveal.js framework, CSS themes, and plugins (Markdown, Highlight, Notes) from the jsdelivr CDN. This is a well-known service used for loading web assets.
- [PROMPT_INJECTION]: The skill utilizes the pptx_to_html tool to convert PowerPoint files, which creates an ingestion point for untrusted content.
- Ingestion points: Content from .pptx files processed by the office-mcp server tool.
- Boundary markers: None provided in the skill logic to isolate converted slide content from the agent's instructions.
- Capability inventory: Generation of interactive HTML slides and script initialization.
- Sanitization: No explicit sanitization or escaping of input text from external files is defined in the skill.
Audit Metadata