slidespeak-generator
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by processing external data obtained from web searches.
- Ingestion points: The skill uses the
web_searchtool to collect information for presentation slides, as specified in the Content Expansion Strategy section of SKILL.md. - Boundary markers: There are no explicit delimiters or specific 'ignore' instructions implemented to prevent the agent from following malicious commands embedded in the search results.
- Capability inventory: The skill utilizes the
slidespeak_rendertool, which communicates with the SlideSpeak API (api.slidespeak.co) and writes files to the local system in the./outputs/pptdirectory. - Sanitization: No content filtering or validation logic is applied to the untrusted web data before it is incorporated into the tool's configuration parameters.
Audit Metadata