slidekit-templ

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The script scripts/pdf_to_images.py executes the pdftoppm binary using subprocess.run with an argument list. This is a secure way to execute commands that avoids shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires the user to manually install poppler via Homebrew (brew install poppler). While this is a common and legitimate utility, it involves installing external system binaries.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8). A malicious PDF could contain text or visual instructions that the LLM might follow while generating the HTML slides. Evidence Chain:
    1. Ingestion points: input.pdf is converted to JPEG images which are processed by the LLM in Phase 4.
    2. Boundary markers: Absent. There are no instructions to the model to ignore or sanitize instructions found within the visual data of the slides.
    3. Capability inventory: The agent can write multiple HTML files to the disk and execute local scripts.
    4. Sanitization: No sanitization or content filtering is performed on the PDF or the extracted images.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 05:00 PM