pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The "ooxml/scripts/pack.py" script executes the "soffice" (LibreOffice) binary via "subprocess.run" to validate document integrity. The command is called with fixed flags and generated paths, minimizing risk.
- [UNVERIFIABLE_DEPENDENCIES] (SAFE): The skill relies on standard Python libraries such as "lxml", "defusedxml", and "python-pptx". It specifically employs "defusedxml" to sanitize XML content before processing, which is a recommended security practice for handling Office formats.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted user-supplied documents. While it includes technical sanitization for XML vulnerabilities, the text extracted from these documents could potentially contain instructions aimed at the AI agent (Category 8). Evidence: 1. Ingestion: "unpack.py" extracts document XML. 2. Boundary markers: None present in scripts. 3. Capability inventory: File system read/write and "soffice" execution via subprocess. 4. Sanitization: XXE mitigation via "defusedxml" is present.
Audit Metadata