openai-slides-skill
Creates and edits PowerPoint presentation files with slide layouts, text formatting, images, charts, and structured content using PptxGenJS and Python libraries.
77
/ 100 · Grade C
C = 70–79
“I need to create professional PowerPoint presentations, convert existing slides from screenshots or PDFs, modify slide content while maintaining editability, or fix layout issues in presentation decks.”
openai-slides-skill earned Verified status with a trust score of 77/100 (Grade C). Adversarial testing produced 1 finding (1 high). Security scan flagged 8 findings. Tier is Verified rather than Certified due to unmitigated findings above severity thresholds.
Trust Score Breakdown
Eight weighted signals composing the aggregate trust score
Scheme v2.0 · Weights provisional · Consumer confirmations and uptime use pipeline-derived baselines.
Findings
Security scan results, adversarial testing, and pipeline review
Security Scan — Cisco Skill Scanner
Finding details
Pattern detected: require("child_process")
Pattern detected: spawnSync(
Pattern detected: fs.readFileSync(
Multiple Python scripts use subprocess.run() with user-controlled input without proper sanitization. The render_slides.py script constructs shell commands using file paths that could contain malicious characters, and ensure_raster_image.py executes external tools (inkscape, gs, heif-convert, JxrDecApp) with user-provided file paths. An attacker could craft malicious filenames to inject shell commands.
The JavaScript helper files use Node.js require() to load child_process modules and filesystem modules. While not directly executing commands in the provided code, the presence of these imports in a skill package creates potential for command injection if the helpers are modified or if additional code uses these modules unsafely.
The JavaScript helper modules have unrestricted access to the file system through Node.js fs module. The code reads files using fs.readFileSync() and require.resolve(), which could potentially be used to access sensitive files on the system if file paths are not properly validated.
Pattern detected: sudo apt-get install
The skill manifest is missing optional metadata fields including license, compatibility, and allowed-tools. While these fields are optional per the agent skills specification, their absence makes it harder to assess the skill's intended scope and restrictions.
Adversarial Testing — 3 categories, 1 findings
The skill instructions reference user-provided content (screenshots, PDFs, reference decks, slide content) that gets processed and incorporated into slide generation without explicit data-boundary markers. The workflow section states 'Inspect the request and determine whether you are creating a new deck, recreating an existing deck, or editing one' and 'Recreate Or Edit Existing Slides' section mentions processing 'reference PDF' and 'reference slide' content. User content could potentially contain instruction-like directives that override the skill's behavior during the slide creation process.
Methodology v1.0 · 3 categories · ~55 attack patterns
Pipeline Review — 3 findings
cisco_skill_scanner: critical finding — command_injection
cisco_skill_scanner: high finding — data_exfiltration
cisco_skill_scanner: high finding — command_injection
Behavioral Fingerprint
Runtime performance baseline for drift detection
Samples
8
Error rate
0.0%
Peak memory
— MB
Avg CPU
—%
Response time distribution
Output size distribution
Fingerprint v1.0 · Baseline: Mar 28, 2026 · Status: baseline
Interface
Skill triggers and instruction summary
Activation
This skill activates when tasks involve creating, editing, or recreating PowerPoint presentation slide decks (.pptx files).
This skill handles slide deck creation, modification, layout validation, and rendering using PptxGenJS with bundled helper utilities.
Does
Use PptxGenJS for slide authoring instead of python-pptx for generation
Work in task-local directories and copy final artifacts after validation
Copy bundled pptxgenjs_helpers folder into workspace and import locally
Set slide size upfront with 16:9 default unless source material indicates otherwise
Set theme fonts explicitly and use helper functions for text sizing
Run validation scripts to check for overflow and layout issues
Deliver both .pptx file and source .js file with any required assets
Include overlap and bounds checking warnings in generated JavaScript
Render source decks first when recreating or editing existing slides
Does not
Use python-pptx for deck generation unless task is inspection-only
Rely on PowerPoint defaults for typography when it matters
Use PptxGenJS fit or autoFit for text sizing
Use literal bullet characters instead of bullet options
Use PptxGenJS built-in image sizing instead of helper functions
Scope & Permissions
What this capability can and cannot access — derived from pipeline analysis
yes
no
yes
no
yes
no
Known Failure Modes
Documented edge cases and recovery behaviors
when when layout issues are detected
then the agent fixes all unintentional overlap and out-of-bounds warnings before delivery
when when fonts are missing or substituted
then the agent reports and addresses font issues using detect_font.py
when when slide content overflows canvas
then the agent uses slides_test.py to detect and fix overflow issues
Badge & Integration
Embed certification status in your README, docs, or CI pipeline
Certification Notes
Provenance observations from the pipeline
Publisher "openai" is not verified — first certification from this publisher
No SECURITY.md or SECURITY.txt file found — no published vulnerability reporting process
Single contributor — no peer review evidence in commit history
Repository is 3 days old — recently created
Package description appears to be boilerplate or template text
Signed Artifact
Certification provenance and verification metadata
Pipeline Artifacts
Raw data files from this certification run — downloadable for independent verification
contract.json
Full unsigned contract
stage1-ingest.json
Ingest stage output
stage2a-sbom.json
SBOM generation results
stage2a-vulns.json
Vulnerability scan results
stage2b-security.json
Security scan results
stage3a-functional.json
Functional test results
stage3b-adversarial.json
Adversarial test results
stage3c-fingerprint.json
Behavioral fingerprint
stage4-certify.json
Certification decision + trust score
stage3a-measurements.json
Raw functional test measurements
stage3b-measurements.json
Raw adversarial test measurements
run-log.json
Pipeline execution log
Not all files may be present for every certification.