marp-deck-checker
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a local task runner to execute 'task pdf' if the target file is missing, which is a standard operational procedure for the intended QA workflow.
- [PROMPT_INJECTION]: The skill ingests data from 'output/*.pdf' and 'slides/deck.md', establishing an indirect prompt injection surface. Evidence chain: 1. Ingestion points: PDF and Markdown file reads (Step 2); 2. Boundary markers: None present; 3. Capability inventory: Subprocess execution ('task pdf') and skill invocation ('marp-deck-gen'); 4. Sanitization: No explicit content filtering or escaping before findings are interpolated into the improvement prompt.
Audit Metadata