paw-tools-presentation
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches libraries from well-known services, including Chart.js via jsDelivr and Tailwind CSS via tailwindcss.com. These are used to provide the presentation with interactive data visualizations and styling.
- [EXTERNAL_DOWNLOADS]: HTML templates in the assets folder contain placeholder images hosted on Google (lh3.googleusercontent.com), which serve as professional portraits for team and contact slides.
- [PROMPT_INJECTION]: The skill processes untrusted marketing content provided via raw text, file paths, or other skill outputs (Category 8 surface). This ingestion is central to the skill's primary function of content transformation. Ingestion point: references/01-ingest.md (reads raw text, file content, and previous skill outputs). Boundary markers: Absent. Capability inventory: File system write operations (references/03-generate.md). Sanitization: Absent for content placeholders. The risk is minimized by the agent's internal safety filters and the static nature of the generated HTML output.
Audit Metadata