Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/gamma-core-workflow-b/Gen Agent Trust Hub

gamma-core-workflow-b

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill relies on the @gamma/sdk Node.js package to communicate with Gamma services.
  • [COMMAND_EXECUTION]: The skill uses the Node.js fs module to read local files via fs.readFile in the uploadAsset function in SKILL.md.
  • [DATA_EXFILTRATION]: Files read from the local system are uploaded to Gamma's infrastructure using the gamma.assets.upload method.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Untrusted data enters via slide content and titles in SKILL.md. Boundary markers and sanitization logic are absent. The skill possesses capabilities to read local files and perform network operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 11:42 AM