frontend-slides
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'open' command to launch the final HTML presentation in the user's default web browser. This is an expected and functional behavior for a presentation generation tool.
- [EXTERNAL_DOWNLOADS]: The generated presentation files reference external CSS and font assets from 'api.fontshare.com'. As this is a well-known typography service, these references are documented as standard web development practices.
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection when processing external PowerPoint (.pptx) files. * Ingestion points: Content extraction occurs in Phase 4.1 using the python-pptx library. * Boundary markers: The skill does not implement delimiters or isolation instructions to differentiate between slide data and instructions. * Capability inventory: The skill has permissions to write files to the local file system and execute browser-opening commands. * Sanitization: There is no evidence of sanitization or filtering for the text content extracted from the PowerPoint files before it is used in the HTML generation process.
Audit Metadata