automating-powerpoint
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill contains an indirect prompt injection surface in its markdown conversion utility.
- Ingestion points: The script
scripts/markdown_to_powerpoint.pyaccepts a file path as a command-line argument and reads its content to generate presentation slides. - Boundary markers: Absent; the script does not utilize delimiters or specific instructions to ignore embedded instructions within the markdown content.
- Capability inventory: The skill has permissions for PowerPoint automation, file writing, and bash execution, which could be leveraged if an agent obeys instructions hidden in a malicious markdown file.
- Sanitization: Absent; slide titles and bullet points are extracted and directly interpolated into PowerPoint text frames without escaping or validation.
Audit Metadata