paw-tools-presentation
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE PROMPT_INJECTION EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted marketing data which serves as a surface for indirect prompt injection.
  - Ingestion points: The skill reads content from file paths, direct text input, and other skill outputs (paw-mkt-*) as specified in references/01-ingest.md.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands provided when the agent processes this external content.
  - Capability inventory: The skill has the capability to write files to the local file system (generated HTML) as defined in references/03-generate.md.
  - Sanitization: No explicit validation or filtering of the ingested content is performed before it is used to generate the presentation outline and final documents.
- [EXTERNAL_DOWNLOADS]: The skill and its templates reference external assets from well-known services.
  - The templates in assets/ fetch the Tailwind CSS framework and Chart.js library from the JSDelivr CDN (cdn.jsdelivr.net). This is a standard and safe practice for generating web-based content.
- [SAFE]: The skill follows secure practices for credential management and file operations.
  - Credential Handling: The skill instructs users to store sensitive API keys (pexels_api_key, fal_api_key) in a local configuration file (config.yaml) rather than hardcoding them, which is a recommended security practice.
  - File System Usage: Output is confined to a dedicated vendor directory (.pawbytes/tools-output/presentations/), aligning with the intended purpose of the tool.
Audit Metadata