pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- COMMAND_EXECUTION (SAFE): The script 'ooxml/scripts/pack.py' invokes the 'soffice' binary (LibreOffice) to perform headless document validation. \n
- Evidence: 'subprocess.run' is used in the 'validate_document' function with a predefined list of arguments and no shell execution. \n- PROMPT_INJECTION (SAFE): This identifies an Indirect Prompt Injection surface (Category 8) where the skill processes Office document data. \n
- Ingestion points: 'ooxml/scripts/unpack.py' and 'ooxml/scripts/validation/docx.py' process files from external documents. \n
- Boundary markers: Not applicable as it follows the standard OOXML schema. \n
- Capability inventory: File system read/write and local execution of 'soffice'. \n
- Sanitization: The skill correctly uses 'defusedxml' during unpacking and packing to mitigate XML-based attacks. \n- DATA_EXFILTRATION (SAFE): No evidence of network activity, credential harvesting, or access to sensitive system paths was found.
Audit Metadata