pptx
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): In
ooxml/scripts/unpack.py, the skill useszipfile.ZipFile.extractall()to unpack Office documents. This method is susceptible to 'Zip Slip' directory traversal attacks, allowing a malicious archive with specially crafted filenames (e.g., using..) to write or overwrite files outside the intended output directory. - DATA_EXFILTRATION (MEDIUM): In
ooxml/scripts/validation/docx.py, the skill useslxml.etree.parse()to process XML files extracted from the document. Without explicit security configuration (such as disabling entity resolution), this is vulnerable to XML External Entity (XXE) attacks, which could be used to read local sensitive files or perform internal network requests if a malicious document is processed. - COMMAND_EXECUTION (LOW): In
ooxml/scripts/pack.py, the skill usessubprocess.runto call thesoffice(LibreOffice) binary for document validation. While the parameters are mostly controlled, it represents an execution of a system binary with paths influenced by user input. - DATA_EXPOSURE (LOW): The skill processes potentially sensitive Office documents locally but lacks comprehensive sanitization of the extracted contents before further processing in the validation scripts.
Audit Metadata