pptx
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes external binaries for document processing. Specifically, it uses 'soffice' from the LibreOffice suite and 'pdftoppm' from Poppler to handle PPTX conversions and image rendering. These commands are necessary for the skill's documented functionality.
- [EXTERNAL_DOWNLOADS]: The skill's instructions require several industry-standard third-party libraries. This includes Python packages like 'markitdown', 'defusedxml', and 'python-pptx', as well as Node.js packages like 'pptxgenjs', 'playwright', and 'sharp'. These are standard dependencies for document management and rendering.
- [SAFE]: No malicious behavior, prompt injections, or persistence mechanisms were detected. The implementation uses 'defusedxml' to parse XML content securely, protecting against XML External Entity (XXE) attacks, and all file operations are appropriately scoped to the presentation tasks.
Audit Metadata