qoder-ppt-v2
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill defines a surface for Indirect Prompt Injection by interpolating user-provided text drafts into HTML structures. There are no instructions for the agent to sanitize or escape user input before placement.
- Ingestion points: User-provided text draft (mentioned in description).
- Boundary markers: Absent; no delimiters or warnings to ignore instructions within the draft are provided.
- Capability inventory: HTML file generation and browser-based presentation.
- Sanitization: Absent; no explicit requirement to validate or escape HTML entities in user content.
- [Safe] (SAFE): No hardcoded credentials, unauthorized network operations, or obfuscation techniques were detected. The skill is primarily composed of static CSS and HTML layouts.
Audit Metadata