NYC

pptx

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The pack.py script uses subprocess.run to call soffice (LibreOffice) for document validation. The implementation uses a list of arguments and fixed flags (e.g., --headless), which prevents command injection.
  • [REMOTE_CODE_EXECUTION] (SAFE): The skill handles XML processing safely. It uses defusedxml.minidom in unpack.py and pack.py to mitigate XML External Entity (XXE) and other XML-related vulnerabilities. The validation scripts apply lxml.etree to local files that have already been extracted, which is consistent with the skill's purpose of schema validation.
  • [DATA_EXFILTRATION] (SAFE): Analysis of the scripts shows no network activity or unauthorized data transmission. All operations are confined to the local file system and specified input/output paths.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill processes external documents (Office files), it treats them strictly as structured XML data for validation and manipulation. There is no evidence that document content is interpolated into agent prompts in an unsafe manner.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:45 PM