docx
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The file
ooxml/scripts/unpack.pyuseszipfile.ZipFile.extractall(). This is vulnerable to "Zip Slip" attacks, where a malicious archive containing filenames with directory traversal sequences (e.g.,../../.bashrc) could overwrite arbitrary files on the system outside the intended output directory. - [DATA_EXFILTRATION] (MEDIUM): The file
ooxml/scripts/validation/docx.pyuseslxml.etree.parse()to process document XML. Unlikedefusedxml(used in other parts of the skill),lxmlis vulnerable to XML External Entity (XXE) attacks by default. A malicious document could be crafted to read local files or perform server-side requests (SSRF) during the validation process. - [COMMAND_EXECUTION] (MEDIUM): The script
ooxml/scripts/pack.pyinvokes thesoffice(LibreOffice) binary viasubprocess.runto perform document validation. While the execution uses a list of arguments rather than a shell string, it creates a dependency on an external system binary and processes user-provided file paths.
Audit Metadata