pptx
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is a standard utility for document processing and validation. It uses standard Python libraries and follows defensive coding practices, specifically using the
defusedxmllibrary for all XML parsing to protect against XML External Entity (XXE) attacks. - [Indirect Prompt Injection] (LOW): The skill processes untrusted Office documents. A vulnerability surface exists in
ooxml/scripts/unpack.pyandooxml/scripts/validation/docx.pywherezipfile.extractall()is used without path validation. This creates a 'Zip Slip' (path traversal) risk if a maliciously crafted Office document is processed by the agent. Additionally,ooxml/scripts/pack.pyexecutes thesofficecommand for document validation. - Ingestion points:
ooxml/scripts/unpack.pyandooxml/scripts/validation/docx.py(via zip file extraction). - Boundary markers: Absent.
- Capability inventory: File system write access via extraction and local command execution via
soffice. - Sanitization:
defusedxmlis used for XML content, but ZIP member paths are not sanitized.
Audit Metadata