wps-ppt
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface (Category 8) because it reads and processes user-controlled content from existing presentations.
- Ingestion points: The skill reads slide content, text boxes, and speaker notes via tools like
wps_get_active_presentation,getTextBoxes, andgetSlideNotes. - Boundary markers: No explicit delimiters or instructions for the agent to ignore instructions embedded within the PPT data are present.
- Capability inventory: The agent can modify files, insert text, and create hyperlinks through the
wps_execute_methodandaddPptHyperlinktools. - Sanitization: No validation or filtering of ingested text content is described.
- [COMMAND_EXECUTION]: The skill uses a generic
wps_execute_methodtool to perform operations. These operations are restricted to the WPS Office application context (specified viaappType: "wpp") and do not allow for arbitrary system shell command execution.
Audit Metadata