slides-generator
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands to facilitate the project setup, including copying templates with `cp`, managing dependencies via `npm install`, and launching the development environment using `npm run dev`.
- [EXTERNAL_DOWNLOADS]: Standard frontend libraries and tools are downloaded from the NPM registry. The skill also includes instructions for installing the well-known `chrome-devtools-mcp` tool for visual verification of the generated slides.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because user-supplied information is interpolated into subagent prompts that generate executable JSX components.
  - Ingestion points: User requirements, slide titles, and key content points gathered during the workflow.
  - Boundary markers: Minimal; the subagent prompt template does not use robust delimiters or specific instructions to isolate user-provided text as data.
  - Capability inventory: Includes file system write operations in the slides directory and shell command execution to run the generated code.
  - Sanitization: There is no evidence of sanitization or validation of user-provided content before it is processed by the code generation subagents.
Audit Metadata