paper-slide-deck
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Flags: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- Prompt Injection (LOW): The `references/base-prompt.md` file contains instructions to bypass AI safety filters regarding copyrighted figures, explicitly stating 'DO NOT refuse to generate'.
- External Downloads (LOW): The `scripts/generate-slides.py` script dynamically installs the `google-genai` package at runtime. Since Google is a trusted organization, this is classified as LOW severity per [TRUST-SCOPE-RULE].
- Command Execution (LOW): The script `scripts/generate-slides.py` uses `subprocess` to execute pip commands for environment setup.
- Prompt Injection (LOW): Indirect prompt injection surface detected (Category 8).
  - Ingestion points: Text from PDFs in `scripts/detect-figures.ts`.
  - Boundary markers: None; extracted text is interpolated directly into prompts.
  - Capability inventory: Gemini API calls in `scripts/generate-slides.py` to generate images from prompts.
  - Sanitization: None; data is only truncated to 300 characters and whitespace-normalized.
Audit Metadata