pptx
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill documentation includes strong instructional markers (e.g., 'CRITICAL', 'MANDATORY') intended to ensure the AI agent follows specific design and formatting rules. These are functional instructions for the agent and do not attempt to bypass safety guardrails or extract system prompts.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied PowerPoint files, converting their contents into markdown or XML for analysis. This creates a surface for indirect prompt injection if a malicious presentation contains instructions designed to manipulate the agent's behavior. (Ingestion points:
SKILL.mdviaunpack.pyandmarkitdown; Capability inventory: File system access and script execution; Sanitization: Not explicitly present in scripts). - [COMMAND_EXECUTION]: The skill uses
subprocess.runto call system utilities such assoffice(LibreOffice) andpdftoppmfor document validation and thumbnail generation. These calls use argument lists rather than shell strings, which is a secure practice for executing external commands. - [EXTERNAL_DOWNLOADS]: The documentation references installation of standard, well-known software packages from trusted registries (NPM and PyPI), including
playwright,sharp, andpython-pptx. No unauthorized or suspicious remote code downloads were detected in the source code.
Audit Metadata