pptx
Warn
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DYNAMIC_EXECUTION]: The script
scripts/office/soffice.pydynamically generates C source code, compiles it into a shared library usinggcc, and injects it into the LibreOffice process using theLD_PRELOADenvironment variable. This is implemented to facilitate communication when AF_UNIX sockets are blocked by a sandbox environment, but the pattern of runtime compilation and process injection is inherently sensitive. - [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from external
.pptxfiles viamarkitdownand custom XML processing scripts. This creates a vulnerability surface where a malicious presentation could contain hidden instructions designed to override agent behavior during analysis, particularly as the skill has significant capabilities including file system access and subprocess execution.
Audit Metadata