pptx-generator
Warn
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The workflow for creating presentations from scratch involves generating individual JavaScript files for each slide and then executing them via a central compile.js script using require() with computed paths. This runtime execution of dynamically generated local code is a core capability of the skill.
- [PROMPT_INJECTION]: The skill processes untrusted data from user-provided PPTX files to extract text and analyze structures.
  - Ingestion points: Text extraction from user-provided files occurs in SKILL.md and references/editing.md using the markitdown tool.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present when processing extracted content.
  - Capability inventory: The skill has extensive file system access (read/write), can execute shell commands (node, python), and performs XML manipulation via Python scripts.
  - Sanitization: There is no evidence of sanitization or validation of the content extracted from external presentations before it is used to influence the agent's logic or the generation of new slides.
- [EXTERNAL_DOWNLOADS]: The skill documentation describes functionality to fetch images from remote URLs (e.g., in references/pptxgenjs.md via slide.addImage({ path: 'https://...' })). This allows the agent to perform arbitrary network requests to external domains.
Audit Metadata