slides-grab-card-news
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes slide data from user-specified local directories.
- Ingestion points: Untrusted slide content is ingested via the path provided to the --slides-dir argument throughout the workflow.
- Boundary markers: The skill does not define specific delimiters or include instructions for the agent to ignore potentially malicious commands embedded within the slide files.
- Capability inventory: The skill utilizes the slides-grab CLI to execute validation, viewing, and multi-format export operations (PNG, PDF, PPTX).
- Sanitization: There are no explicit validation or sanitization steps defined for the source content before it is processed by the agent or the CLI tool.
Audit Metadata