pptx
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external PowerPoint presentations, representing a surface for indirect prompt injection attacks.
  - Ingestion points: Presentation text and metadata are extracted in `inventory.py` and `unpack.py` and presented back to the agent.
  - Boundary markers: None identified; extracted content is handled without specific delimiters to distinguish it from system instructions.
  - Capability inventory: The skill has capabilities to write files and execute specific system commands via `subprocess`.
  - Sanitization: Employs the `defusedxml` library for XML parsing to protect against XML External Entity (XXE) vulnerabilities.
- [COMMAND_EXECUTION]: The skill executes external binaries (`soffice` from LibreOffice and `pdftoppm` from Poppler) to perform document conversion and thumbnail creation.
  - Context: These commands are essential for the skill's primary objective and are invoked with parameters constrained to the specific task.
Audit Metadata