Skills
skills/tivojn/office/pptx-design-agent/Gen Agent Trust Hub

pptx-design-agent

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill reads text and shape data from existing PowerPoint files using AppleScript. This ingestion of untrusted data creates a surface for indirect prompt injection, where malicious instructions inside a presentation could influence the agent's actions during an edit or redesign.
  • Ingestion points: AppleScript read operations (e.g., 'Read all slides/shapes/text' in README.md).
  • Boundary markers: None mentioned in documentation.
  • Capability inventory: osascript (system automation) and file-system write access via python-pptx.
  • Sanitization: No content filtering or validation mentioned.
  • External Downloads (LOW): The installation process requires downloading the python-pptx and lxml packages from PyPI. These are standard, well-maintained libraries for presentation and XML processing.
  • Command Execution (LOW): The skill utilizes osascript to send AppleScript commands to Microsoft PowerPoint. While osascript can be used for broad system interaction, its application here is restricted to the intended purpose of PowerPoint UI automation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:51 PM