pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill depends on well-known, legitimate packages including playwright, sharp, and python-pptx.\n- [COMMAND_EXECUTION] (SAFE):
ooxml/scripts/pack.pyexecutessofficefor file validation usingsubprocess.runwith an argument list, which prevents command injection.\n- [DATA_EXPOSURE] (SAFE): No sensitive data exposure or hardcoded credentials were detected.\n- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted Office documents, which is a potential surface for indirect injection if the agent reads the document contents.\n - Ingestion points:
ooxml/scripts/unpack.py(zip extraction),scripts/rearrange.py(pptx loading).\n - Boundary markers: None.\n
- Capability inventory: File system read/write,
sofficecommand execution.\n - Sanitization: Employs
defusedxmlfor XML parsing in multiple scripts to mitigate XML-based attacks.
Audit Metadata