frontend-slides

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it ingests untrusted data from PowerPoint (.pptx) files and user-provided notes to generate HTML output. Ingestion points include PPT conversion in Phase 4 and user notes in Phase 1. There are no explicit boundary markers or 'ignore' instructions in the templates to prevent the agent from following embedded instructions in the extracted text. The skill has capabilities to write files, execute scripts, and open files in the browser, but it lacks specific sanitization logic for the extracted content.
  • [COMMAND_EXECUTION]: The skill utilizes a Python script for PowerPoint content extraction and the 'open' command to launch the generated presentation in the user's browser. These actions are documented and essential to the skill's primary functionality.
  • [EXTERNAL_DOWNLOADS]: The skill requires the 'python-pptx' library, which is a standard and well-known Python package for handling PowerPoint documents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 04:41 PM