skills/jeremylongshore/claude-code-plugins-plus-skills/presentation-slide-outliner/Gen Agent Trust Hub
presentation-slide-outliner
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill is susceptible to Indirect Prompt Injection due to its capability-to-content risk profile. 1. Ingestion points: Processes external user requests and documents for 'presentation slide outliner' tasks. 2. Boundary markers: Absent; there are no instructions to distinguish between data content and agent instructions. 3. Capability inventory: Permitted tools include 'Bash', 'Write', 'Edit', and 'Grep', which provide a high-privilege execution environment. 4. Sanitization: None; the skill does not include any logic to filter or escape malicious instructions embedded in slide content.
- [COMMAND_EXECUTION] (MEDIUM): The skill requests 'Bash' tool access. While common for development tasks, granting shell access to a text-processing utility without restricted scopes or audited scripts increases the impact of a successful prompt injection.
- [NO_CODE] (INFO): The skill contains no accompanying implementation code or scripts; it relies solely on the LLM's interpretation of the markdown metadata.
Recommendations
- AI detected serious security threats
Audit Metadata