slidekit-create

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection because it ingests untrusted data from multiple sources to guide its slide generation logic.
      • Ingestion points: Files located in references/templates/ and user-specified content files (Markdown, Word, Text) in Phase 1-4.
      • Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the processed files.
      • Capability inventory: The skill performs file system read/write operations and has the ability to invoke external tools (the /pptx skill).
      • Sanitization: There is no evidence of sanitization or validation of the text extracted from the external documents before it is processed by the agent.
  • [EXTERNAL_DOWNLOADS]: The generated HTML output includes references to CSS and JavaScript libraries hosted on cdn.jsdelivr.net (Tailwind CSS, Font Awesome, and Chart.js). These are well-known and standard services for web development assets.
  • [COMMAND_EXECUTION]: The workflow includes a step to invoke an external skill (/pptx) for PowerPoint conversion. This involves passing context and control to a separate tool based on the generated HTML content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 08:51 AM