baoyu-slide-deck
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user content to generate outlines and image prompts, exposing an indirect prompt injection surface.
  - Ingestion points: User-provided content from files (source.md) or session input.
  - Boundary markers: No specific delimiters or safety instructions are used in reference templates like base-prompt.md when interpolating user content.
  - Capability inventory: Subprocess execution for file merging and image generation tool delegation.
  - Sanitization: No filtering or sanitization of input content is performed.
- [COMMAND_EXECUTION]: Local scripts for PDF and PPTX merging (merge-to-pdf.ts, merge-to-pptx.ts) are executed via npx and bun.
- [SAFE]: Core dependencies such as pdf-lib and pptxgenjs are well-known and trusted technology packages from established registries.