present
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill generates HTML that includes links to the reveal.js CSS and JavaScript files hosted on JSDelivr (cdn.jsdelivr.net), a well-known and trusted Content Delivery Network.
- [PROMPT_INJECTION]: The skill displays an attack surface for indirect prompt injection through the processing of untrusted markdown documents. * Ingestion points: Reads content from source documents via the document-path argument (SKILL.md). * Boundary markers: The skill does not define specific markers or instructions to disregard potential commands found within the source documents. * Capability inventory: Performs file read operations and file write operations for HTML generation (SKILL.md). * Sanitization: There is no evidence of content sanitization or output escaping to prevent the execution of scripts embedded in the source content.
Audit Metadata