pitch-deck
Warn
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill instructions in `SKILL.md` direct the agent to execute shell commands, specifically `python3 scripts/create_pitch_deck.py`. Since the content of this script is not included in the skill package for analysis, its behavior and safety cannot be verified.
- [EXTERNAL_DOWNLOADS] (LOW): The troubleshooting section suggests the manual installation of the `python-pptx` library using `pip3`. While a common library, this introduces a dependency on external, unversioned code.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill possesses a surface for indirect prompt injection.
  - Ingestion points: User-provided company information, problem statements, and business details are gathered in 'Step 1' and written to `pitch_data.json` in 'Step 3'.
  - Boundary markers: Instructions for creating `pitch_data.json` lack explicit boundary markers or instructions to ignore embedded commands within the user data.
  - Capability inventory: The skill executes a subprocess via `python3` to process the generated JSON data.
  - Sanitization: No sanitization or validation logic is defined for the user-provided strings before they are incorporated into the JSON file or processed by the script.
Audit Metadata