bggg-creator-image2ppt

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/image2pptx.py uses subprocess.run to optionally call libreoffice or soffice for PDF conversion. The implementation uses a list-based argument structure and avoids the shell, mitigating command injection risks.
  • [SAFE]: All identified dependencies in scripts/requirements.txt (python-pptx, Pillow, beautifulsoup4, lxml) are standard, well-known packages for document and image processing.
  • [SAFE]: The skill follows best practices by organizing files into isolated project directories (projects/YYYYMMDD_slug/) and does not attempt to access sensitive system paths or environment variables.
  • [SAFE]: The HTML and SVG parsing logic in scripts/html_svg_to_manifest.py is focused on structural extraction (geometry and text) and does not involve any dynamic code execution or unsafe deserialization.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 01:58 PM