ppt-outline

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is vulnerable to indirect prompt injection due to its processing of external content.
      • Ingestion points: scripts/context_scanner.py reads content from all .md files in the provided directory.
      • Boundary markers: Absent; document snippets are directly placed into the skeleton.yaml and the scanner report.
      • Capability inventory: scripts/outline.py can write files to any local path via the save() method.
      • Sanitization: None; the script uses regex to extract raw text without filtering for instructional content.
  • COMMAND_EXECUTION (LOW): The skill executes local Python scripts to perform its logic. No use of eval(), exec(), or unsafe subprocess calls was detected in the analysis of the provided scripts.
  • DATA_EXPOSURE (LOW): scripts/context_scanner.py reads and summarizes files in a user-provided directory. If sensitive data is present in .md or .yaml files in that directory, it may be exposed in the summary report provided to the agent.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 11:59 PM