make-pptx
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation describes the installation of well-known Node.js libraries (pptxgenjs, sharp) and the download of font assets from a public GitHub repository.
- [PROMPT_INJECTION]: The skill implements a workflow to process external HTML files, which introduces a surface for indirect prompt injection.
  - Ingestion points: Data is ingested from HTML files stored in a local directory (e.g., slides/ folder).
  - Boundary markers: The skill does not define explicit delimiters or instructions to distinguish between presentation data and agent commands within the source HTML.
  - Capability inventory: The skill is granted access to powerful tools including Bash, Write, Edit, and Glob.
  - Sanitization: No content sanitization or validation of the input HTML is described in the conversion logic.
- [COMMAND_EXECUTION]: The skill includes technical reference documentation that provides examples of using shell commands (unzip, zip) to manipulate OOXML file structures.