q-presentations
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs local operations using Python and TypeScript (Bun) scripts found in the
scripts/directory. These includegen_slide.pyfor API interaction,overlay_logo.pyfor image manipulation with Pillow, andmerge-to-pptx.ts/merge-to-pdf.tsfor final document assembly. These commands are executed within a clearly defined workflow on the user's local machine. - [EXTERNAL_DOWNLOADS]: The skill utilizes standard, well-known libraries such as
google-genai,Pillow, andpython-dotenv. These are installed via official package managers (pip). It also usesnpx -y bunto run TypeScript scripts, which is a standard method for executing Node-compatible tools. - [PROMPT_INJECTION]: The skill acts as an intermediary, processing user-supplied Markdown content and interpolating it into prompts for the Gemini image generation model. This is an indirect prompt injection surface.
- Ingestion points: User-provided Markdown files or pasted text are saved and analyzed in Step 1.2.
- Boundary markers: The skill uses clear Markdown structures and tags like
<STYLE_INSTRUCTIONS>to separate instructions from content, as documented inreferences/base-prompt.mdandreferences/outline-template.md. - Capability inventory: The skill writes images and documents (PDF/PPTX) to the local file system and calls the Gemini API via the
google-genailibrary. - Sanitization: While the content is structured into templates, there is no explicit filtering of the input text before prompt assembly.
- [SAFE]: The skill includes explicit safety guidelines, such as instructions to the agent to avoid generating photorealistic images of prominent individuals. It does not contain obfuscated code, hardcoded credentials, or suspicious network operations beyond the intended API usage.
Audit Metadata