deck-builder
Warn
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to install dependencies (pip install python-pptx) and runs a dynamically generated Python script to produce .pptx files.
- [DYNAMIC_EXECUTION]: The skill instructs the agent to 'Write a single Python generation script' incorporating helper functions and slide content at runtime. This script is then executed to perform the file generation. While intended for presentation building, generating and executing code based on processed input is a high-sensitivity operation.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external URLs or local file paths provided by the user (Step 2). This data is used to generate the deck plan and final slide content.
  - Ingestion points: SKILL.md (Step 2: 'If they provided a URL or file path, fetch and read it')
  - Boundary markers: Absent. The skill does not use specific delimiters or instructions to ignore embedded commands in the source document.
  - Capability inventory: SKILL.md (Step 6: Python script generation and execution with python-pptx)
  - Sanitization: Absent. The skill does not mention escaping or validating the content fetched from external sources before using it in the generation logic.