pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The script
ooxml/scripts/pack.pyusessubprocess.runto callsoffice(LibreOffice) for headless document validation. The arguments are passed as a list, and the operation is restricted to validating the processed document's integrity. - [DATA_EXFILTRATION] (SAFE): No network communication or hardcoded credentials were found. File operations are confined to the user-specified directories and temporary paths.
- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not download or execute remote scripts. It relies on standard libraries and trusted packages for its functionality.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill possesses an attack surface for indirect prompt injection as it processes external Office files. However, it implements standard mitigations.
- Ingestion points: ZIP extraction in
ooxml/scripts/unpack.pyand XML parsing in validation modules. - Boundary markers: None (standard for file processing tools).
- Capability inventory: File system access (read/write), ZIP extraction, and subprocess execution for
soffice. - Sanitization: The implementation uses
defusedxml.minidomandlxml.etreefor secure XML handling, effectively preventing XML External Entity (XXE) attacks.
Audit Metadata