Skills
skills/mikefilsaime-groove/clickcampaigns-for-claude-code-in-cursor/pptx/Gen Agent Trust Hub

pptx

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The script ooxml/scripts/unpack.py uses zipfile.ZipFile(input_file).extractall(output_path) without validating entry paths. This is a classic ZipSlip vulnerability, allowing a malicious Office document to overwrite files outside the intended directory via path traversal (e.g., ../../target).
  • [COMMAND_EXECUTION] (MEDIUM): The script ooxml/scripts/pack.py executes an external binary soffice (LibreOffice) using subprocess.run. While it avoids shell injection by using a list, processing untrusted documents through a complex office suite provides a significant attack surface for RCE via document-based exploits.
  • [INDIRECT_PROMPT_INJECTION] (HIGH): The skill processes external XML content from Office documents. The file ooxml/scripts/validation/docx.py uses lxml.etree.parse() without explicitly disabling external entities or DTDs, creating a risk for XML External Entity (XXE) attacks if the parser environment is not sufficiently hardened by default.
  • [UNVERIFIABLE_DEPENDENCIES] (MEDIUM): The skill relies on external packages including lxml, python-pptx, defusedxml, and six. While defusedxml is used for some operations, the inconsistent use of safe parsers across the codebase increases the risk profile.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:17 AM