slidev-styles

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Tags: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting data from external, untrusted websites to generate local project configurations.
  • Ingestion points: Website DOM elements, CSS custom properties, and asset URLs extracted via Playwright MCP tools as described in references/discovery-pipeline.md.
  • Boundary markers: Absent; the skill neither wraps the scraped content in delimiters nor instructs the agent to disregard instructions embedded in it, so text on the target site is read with the same authority as the skill's own instructions.
  • Capability inventory: The skill possesses the ability to write files to the project directory (e.g., brand-config.json, styles/index.css) and execute local shell commands (e.g., npx slidev) as seen in SKILL.md and references/validation-checklist.md.
  • Sanitization: Absent; the extracted string values (colors, font names, asset URLs) are interpolated into CSS and TypeScript configuration files without validation or escaping, so a crafted value can close a CSS declaration or break out of a string literal in the generated code.
  • [EXTERNAL_DOWNLOADS]: The skill extracts and utilizes external asset URLs (specifically brand logos) and CSS configuration from remote websites to configure the local presentation environment, which is the intended functional purpose of the tool.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run the npx slidev command to start a local development server for visual validation of the generated slides, which is a standard developer workflow.
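The prompt-injection and sanitization findings above describe the missing control: values scraped from an untrusted page are written into CSS and TypeScript without being checked. The following is an added example of the allow-list validation a practitioner would put between the scraper and the generated files; it is not code from the slidev-styles skill or from the Gen Agent Trust Hub report. The field names (primaryColor, fontFamily, logoUrl), the function names and the hostile sample input are constructed for this illustration. Rejected values fall back to a known-good default rather than being escaped, and the config is emitted as JSON so the values never become TypeScript source.

```typescript
// Added example (not part of the audited skill): allow-list validation for
// values scraped from an untrusted website before they reach brand-config.json
// or styles/index.css. Field names and sample input are constructed.

interface RawBrandValues {
  primaryColor?: string;
  fontFamily?: string;
  logoUrl?: string;
}

interface SafeBrandConfig {
  primaryColor: string;
  fontFamily: string;
  logoUrl: string;
}

// Colors: only the literal forms we expect. A value that tries to close the
// declaration with ';' or '}' fails the pattern and is rejected, not escaped.
const HEX_COLOR = /^#(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6}|[0-9a-fA-F]{8})$/;
const RGB_COLOR =
  /^rgba?\(\s*\d{1,3}\s*,\s*\d{1,3}\s*,\s*\d{1,3}\s*(?:,\s*(?:0|1|0?\.\d+)\s*)?\)$/;

// Font families: letters, digits, spaces, hyphens; no quotes, braces, semicolons.
const FONT_FAMILY = /^[A-Za-z0-9 -]{1,64}$/;

function validateColor(value: string | undefined): string | null {
  if (value === undefined) return null;
  const v = value.trim();
  return HEX_COLOR.test(v) || RGB_COLOR.test(v) ? v : null;
}

function validateFontFamily(value: string | undefined): string | null {
  if (value === undefined) return null;
  const v = value.trim();
  return FONT_FAMILY.test(v) ? v : null;
}

// Asset URLs: must parse, must be https, must carry no credentials, and must
// stay on the host that was scraped so a CSS value cannot redirect the logo
// fetch to a third party. The URL parser percent-encodes '"' so the result is
// safe inside url("...").
function validateAssetUrl(value: string | undefined, allowedHost: string): string | null {
  if (value === undefined) return null;
  let url: URL;
  try {
    url = new URL(value.trim());
  } catch {
    return null;
  }
  if (url.protocol !== 'https:') return null;
  if (url.hostname !== allowedHost) return null;
  if (url.username || url.password) return null;
  return url.toString();
}

// Every field either passes its allow-list or is replaced by the fallback.
function buildBrandConfig(raw: RawBrandValues, sourceHost: string, fallback: SafeBrandConfig): SafeBrandConfig {
  return {
    primaryColor: validateColor(raw.primaryColor) ?? fallback.primaryColor,
    fontFamily: validateFontFamily(raw.fontFamily) ?? fallback.fontFamily,
    logoUrl: validateAssetUrl(raw.logoUrl, sourceHost) ?? fallback.logoUrl,
  };
}

// CSS is rendered from validated values only, so interpolation here cannot
// break out of the declaration.
function renderCss(cfg: SafeBrandConfig): string {
  return [
    ':root {',
    `  --brand-primary: ${cfg.primaryColor};`,
    `  --brand-font: ${cfg.fontFamily};`,
    `  --brand-logo: url("${cfg.logoUrl}");`,
    '}',
  ].join('\n');
}

// Emit the config as JSON instead of interpolating into a .ts file;
// JSON.stringify does the quoting, so a value can never become code.
function renderBrandConfigJson(cfg: SafeBrandConfig): string {
  return JSON.stringify(cfg, null, 2);
}

// Constructed sample: what a scraper might return from a hostile page.
const SAMPLE_RAW: RawBrandValues = {
  primaryColor: '#1e40af; } body { display:none } /*',
  fontFamily: 'Inter',
  logoUrl: 'https://cdn.attacker.example/logo.svg',
};

const FALLBACK: SafeBrandConfig = {
  primaryColor: '#000000',
  fontFamily: 'sans-serif',
  logoUrl: 'https://www.example.com/logo.svg',
};

const SAMPLE_RESULT = buildBrandConfig(SAMPLE_RAW, 'www.example.com', FALLBACK);
```

With the constructed input, the injected color and the off-host logo URL are both replaced by the fallback while the legitimate font name passes; renderBrandConfigJson(SAMPLE_RESULT) is what would be written to brand-config.json and renderCss(SAMPLE_RESULT) to styles/index.css. The same pattern applies to any further property the skill extracts: define the narrowest literal shape the generated file needs, test the scraped value against it, and never escape-and-hope.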
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 01:24 AM