scientific-slides
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script `validate_presentation.py` uses `subprocess.run` to execute the `pdflatex` command. This is used for its intended purpose of validating and compiling LaTeX Beamer templates provided in the skill's assets. The script also uses `sys.executable` in `generate_slide_image.py` to call internal generation modules.
- [EXTERNAL_DOWNLOADS]: The `generate_slide_image_ai.py` script communicates with `https://openrouter.ai/api/v1` to interface with AI models (Gemini) for slide generation and quality review. OpenRouter is a well-known service for LLM aggregation, and its use here is consistent with the skill's primary functionality.
- [PROMPT_INJECTION]: The skill processes potentially untrusted data by ingesting user-provided images, charts, and figures (via the `--attach` flag in `generate_slide_image.py`) and incorporating them into prompts for Vision LLMs. This represents an indirect prompt injection surface.
  - Ingestion points: User-provided image attachments in `generate_slide_image_ai.py`; input PDF, PPTX, and TEX files in `validate_presentation.py`.
  - Boundary markers: None identified in the prompt construction logic in `generate_slide_image_ai.py`.
  - Capability inventory: Subprocess execution for template validation (`pdflatex`) and network access for AI requests (`requests`).
  - Sanitization: No explicit sanitization or filtering is performed on content extracted from ingested files.
Audit Metadata