review-presentation
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for ingesting and processing external data, which exposes a surface for indirect prompt injection attacks.
- Ingestion points: Content extracted from PDF slides and converted to markdown as specified in
SKILL.md. - Boundary markers: Absent. The instructions do not define any delimiters or system-level warnings to ensure the agent ignores potentially malicious instructions embedded within the slides.
- Capability inventory: The agent's actions are limited to analysis and feedback. No dangerous tools (shell, file-system writes, or network requests) are defined or requested in the skill metadata.
- Sanitization: Absent. There are no instructions to sanitize or validate the markdown content derived from the PDF before it is processed by the agent.
- [NO_CODE]: The skill consists entirely of natural language instructions and does not include any scripts, executables, or complex configurations.
Audit Metadata