slidev
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes pnpm commands to run, build, and export presentations. These actions are legitimate and necessary for the framework's operation within the local development environment.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it processes external markdown content without specific safeguards. 1. Ingestion points: Reads and edits markdown files in the packages/slides/ directory. 2. Boundary markers: There are no instructions to the agent to treat content within markdown separators as untrusted data or to ignore embedded instructions. 3. Capability inventory: The agent can execute shell commands via pnpm and has write access to the filesystem to modify slides. 4. Sanitization: No validation or sanitization of markdown content is specified in the skill's instructions.
Audit Metadata