pptx
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (HIGH): A Zip Slip vulnerability exists in
ooxml/scripts/unpack.pywherezipfile.extractall()is used on the input Office file without path validation. A malicious archive containing path traversal sequences (e.g.,../../) could overwrite arbitrary files on the system. - [COMMAND_EXECUTION] (HIGH): Unsafe XML parsing in
ooxml/scripts/validation/docx.pyusinglxml.etree.parse()without explicitly disabling external entities. This makes the skill vulnerable to XML External Entity (XXE) attacks, which can be used to read local system files or conduct SSRF when processing a crafted document. - [COMMAND_EXECUTION] (MEDIUM): In
ooxml/scripts/pack.py, the skill executes thesofficesystem binary viasubprocess.run()to validate documents. This exposes the system to the large attack surface of the LibreOffice conversion engine using potentially attacker-controlled document data. - [EXTERNAL_DOWNLOADS] (MEDIUM): Several internal modules referenced in
ooxml/scripts/validation/__init__.py(includingpptx.pyandredlining.py) are missing from the skill package, which prevents a full security verification of the document validation logic. - [EXTERNAL_DOWNLOADS] (LOW): The skill relies on external Python packages including
lxml,defusedxml,python-pptx, andsix. Per [TRUST-SCOPE-RULE], these dependencies are classified as LOW severity because the skill originates from a trusted source (Anthropic).
Recommendations
- AI detected serious security threats
Audit Metadata