frontend-slides
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (
scripts/extract-pptx.py) to extract text and images from PowerPoint files as part of its conversion workflow. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of well-known Python packages
python-pptxandPillowto handle PowerPoint parsing and image processing tasks. - [PROMPT_INJECTION]: The skill processes untrusted data from external PowerPoint files and images, presenting an indirect prompt injection surface.
- Ingestion points: Data is read from
.pptxfiles via theextract-pptx.pyscript and images are analyzed using multimodal capabilities in Phase 1.2. - Boundary markers: No specific delimiters or warnings are used to separate untrusted extracted content from the generation instructions in the prompt templates.
- Capability inventory: The skill possesses capabilities to write files to the local file system and execute system commands to open the generated presentations in a browser.
- Sanitization: Extracted slide content is interpolated directly into HTML templates without explicit sanitization or validation to prevent embedded malicious scripts or instructions.
Audit Metadata