Skills
skills/hanli0705/lead_agent/pptx/Gen Agent Trust Hub

pptx

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): Path Traversal (Zip Slip) in ooxml/scripts/unpack.py.
  • Evidence: The script uses zipfile.ZipFile(input_file).extractall(output_path) without validating that the archive members are contained within the target directory.
  • Impact: An attacker providing a specially crafted .docx, .pptx, or .xlsx file containing filenames with path traversal sequences (e.g., ../../filename) could overwrite sensitive files outside the output_dir during the unpacking process.
  • [COMMAND_EXECUTION] (MEDIUM): Subprocess execution of external binary in ooxml/scripts/pack.py.
  • Evidence: The validate_document function calls subprocess.run(["soffice", "--headless", ...]) to perform document conversion for validation purposes.
  • Risk: While soffice (LibreOffice) is a standard tool, executing complex parsers on untrusted, programmatically generated files increases the attack surface for local code execution if vulnerabilities exist in the Office suite's headless mode.
  • [EXTERNAL_DOWNLOADS] (LOW): Use of third-party libraries.
  • Evidence: The skill relies on lxml, defusedxml, python-pptx, and six.
  • Mitigation: The use of defusedxml is a positive security practice that mitigates common XML vulnerabilities like Billion Laughs or XXE.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 15, 2026, 04:06 AM