pptx
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes system commands to facilitate presentation processing.
  - `ooxml/scripts/pack.py` and `scripts/thumbnail.py` utilize `subprocess.run` to call `soffice` (LibreOffice) and `pdftoppm` (Poppler) for document validation and image generation.
  - `scripts/html2pptx.js` employs Playwright to run a headless browser for rendering slide templates.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it processes content from external PowerPoint files.
  - Ingestion points: Text extraction occurs via `markitdown` and `inventory.py`.
  - Boundary markers: Not present; extracted text is provided to the agent without specific delimiters or warnings.
  - Capability inventory: The skill has the ability to execute system commands (`subprocess.run`) and launch a browser (Playwright).
  - Sanitization: No specific text sanitization is performed, though `defusedxml` is used for XML parsing.
- [SAFE]: Security-conscious coding is evident in the usage of `defusedxml` throughout the XML handling scripts to protect against XXE attacks.
Audit Metadata