scientific-slides
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted user content for slide generation. * Ingestion points: User-defined slide descriptions and titles are used as input for the
generate_slide_image.pyscript (SKILL.md). * Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious directions embedded within the user's slide descriptions (SKILL.md). * Capability inventory: The skill utilizes significant capabilities including theBashtool for script execution andWriteaccess to the file system (SKILL.md). * Sanitization: The documentation does not specify any sanitization, filtering, or validation steps for the user-supplied text before it is processed by the AI-powered generation scripts (SKILL.md).
Audit Metadata