slides
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection due to the way it handles user-provided data.
  * Ingestion points: User-provided text and data intended for slide content (processed via instructions in SKILL.md).
  * Boundary markers: Absent; the skill directly interpolates user content into HTML templates without delimiters or 'ignore' instructions.
  * Capability inventory: The agent writes the final assembled HTML file to the local filesystem at paths like slides/dist/index.html.
  * Sanitization: Absent; there are no instructions to escape or validate user-provided strings before injection, which could allow malicious users to include executable scripts or harmful HTML in the output.
- [EXTERNAL_DOWNLOADS]: The HTML templates and examples reference assets from well-known and trusted external services.
  * Evidence: References to Google Fonts (fonts.googleapis.com), FontAwesome (cdnjs.cloudflare.com), and Unsplash (images.unsplash.com) are used for typography, icons, and placeholder images. These are documented as safe and established technology providers.