pptx-posters
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions involve executing several shell commands via the Bash tool, including the use of
google-chrome --headlessfor PDF generation andlibreoffice --headlessfor document conversion. It also executes local Python scripts to generate visual elements. - [EXTERNAL_DOWNLOADS]: The skill requires the installation and use of the
python-pptxlibrary and assumes the presence of external binaries such as Google Chrome and LibreOffice on the host system. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it incorporates untrusted user data into HTML templates and command-line arguments.
- Ingestion points: Research data and figure descriptions provided by the user are written to
poster.htmland passed toscripts/generate_schematic.pyvia shell arguments. - Boundary markers: No boundary markers or 'ignore' instructions are used to separate user data from the skill's operational logic.
- Capability inventory: The skill utilizes
Bash,Read, andWritetools to perform file system operations and execute system-level applications. - Sanitization: There is no evidence of sanitization or escaping of user-provided text before it is used in shell commands or HTML generation.
- [NO_CODE]: The skill references a core functional script,
scripts/generate_schematic.py, which is not included in the provided file set, preventing a full security audit of the image generation logic.
Audit Metadata