wps-ppt-automation
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/wps_ppt_automation.py) that interacts with Microsoft PowerPoint or WPS Presentation through the Windows COM (Component Object Model) interface. This allows the skill to programmatically control the office software to read and manipulate presentation data.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the pywin32 library, typically via a package manager like pip, to enable COM automation on Windows.
- [PROMPT_INJECTION]: The skill processes untrusted content from external presentation files, which presents a surface for indirect prompt injection attacks.
  - Ingestion points: Untrusted text, titles, and speaker notes are extracted from .pptx or compatible files in scripts/wps_ppt_automation.py.
  - Boundary markers: Extracted text is returned to the agent context without delimiters or instructions to ignore instructions embedded within the text.
  - Capability inventory: The skill has the capability to read local files and write output in various formats (TXT, PDF, PNG, PPTX) to the local filesystem.
  - Sanitization: No sanitization or filtering is performed on the text strings extracted from presentations before they are processed by the agent.
Audit Metadata