pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (LOW): The script 'ooxml/scripts/pack.py' executes the 'soffice' (LibreOffice) binary to validate document integrity after repacking. * Evidence: 'subprocess.run' is used with a list of arguments in the 'validate_document' function. * Context: This is a legitimate functional requirement for verifying that modified OOXML is valid. The use of an argument list prevents shell injection.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes external Office files, which are untrusted data sources. * Ingestion points: 'ooxml/scripts/unpack.py' (via zip extraction) and 'scripts/rearrange.py' (via pptx parsing). * Boundary markers: Not explicitly implemented in prompt logic, though data is handled as structured XML. * Capability inventory: Includes local filesystem access and execution of the LibreOffice binary. * Sanitization: Uses 'defusedxml' for XML parsing in several scripts, providing protection against XXE and expansion attacks.
Audit Metadata