python-pptx
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill provides patterns for template replacement that ingest external data into slide content, creating a potential surface for indirect injection.
  - Ingestion points: Data substituted into '{{name}}' placeholders within the 'Template Replacement' section of README.md.
  - Boundary markers: None present in the provided snippets to distinguish between instructions and data.
  - Capability inventory: The skill uses prs.save() to write files to the local filesystem.
  - Sanitization: No sanitization or validation of input data is demonstrated in the code examples.
- [External Downloads] (SAFE): The README.md file contains installation instructions for 'python-pptx' and 'Pillow'. These are well-known, legitimate packages from the standard PyPI registry.