pptx
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [Data Exposure & Exfiltration] (MEDIUM): The ooxml/scripts/unpack.py script uses zipfile.ZipFile.extractall() on an input file without validating the paths within the archive. This is a known vulnerability (ZipSlip) that could allow a malicious Office file to perform directory traversal and overwrite or access files outside the intended directory.
- [Dynamic Execution] (MEDIUM): In ooxml/scripts/pack.py, the validate_document function executes the soffice (LibreOffice) system command via subprocess.run. While this is used for document validation, invoking external binaries with user-controlled file paths introduces risks, especially if the external tool has its own vulnerabilities.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill utilizes legitimate third-party libraries such as defusedxml, lxml, and python-pptx. Notably, it uses defusedxml to mitigate XML External Entity (XXE) attacks, which is a security best practice.
Audit Metadata