brand-guidelines
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill documentation describes a workflow for processing external artifacts, which creates a surface for Indirect Prompt Injection.
- Ingestion points: The skill is designed to process 'any sort of artifact' (SKILL.md).
- Boundary markers: There are no instructions to the agent to treat the content of these artifacts as untrusted or to ignore instructions embedded within them.
- Capability inventory: The technical details mention using
python-pptxfor file generation and modification (SKILL.md). - Sanitization: The skill lacks instructions for sanitizing or validating input from the processed artifacts.
- [NO_CODE]: The skill contains only documentation (SKILL.md) and license information (LICENSE.txt), with no executable scripts or code files included in the package.
Audit Metadata