material-you-slides
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the 'Roboto' font family from Google's official fonts service (fonts.googleapis.com). This is a standard and safe practice for web typography.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it interpolates user-provided content into HTML templates. This is a common design for template engines and no malicious patterns were identified.
- Ingestion points: User-provided text content for slide fields (titles, bodies, metrics) as defined in SKILL.md.
- Boundary markers: None identified within the template structures.
- Capability inventory: Generation of static HTML files.
- Sanitization: No specific instructions for sanitizing or escaping user-provided text before interpolation.
- [SAFE]: No malicious behavior, obfuscation, or unauthorized data access were detected. The skill's behavior is consistent with its stated purpose.
Audit Metadata