pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The script
ooxml/scripts/pack.pyexecutes thesofficecommand usingsubprocess.runto validate document integrity. Evidence:subprocess.run(["soffice", "--headless", ...], ...)invalidate_document. This is part of the skill's primary functionality and does not useshell=True. - PROMPT_INJECTION (LOW): The skill processes untrusted external XML data within Office documents, creating a surface for indirect prompt injection. Ingestion points:
ooxml/scripts/unpack.pyandooxml/scripts/pack.py. Boundary markers: Absent. Capability inventory: File system writes and subprocess execution. Sanitization: Employsdefusedxmlfor XML parsing in many components, though some validation tasks uselxml.
Audit Metadata