pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The
pack.pyutility invokes thesofficecommand to validate that the repacked Office files are not corrupt. This is handled viasubprocess.runwith a list of arguments, which is a secure way to execute system commands without shell injection risks.\n- INDIRECT_PROMPT_INJECTION (SAFE): The skill processes external Office documents, creating a surface for indirect prompt injection. However, it mitigates common XML-based attacks by usingdefusedxmlfor parsing.\n - Ingestion points: Office documents (.docx, .pptx, .xlsx) are ingested via
unpack.py,pack.py, andrearrange.py.\n - Boundary markers: Not explicitly defined in the scripts.\n
- Capability inventory: The skill possesses file system read/write capabilities and the ability to execute the
sofficevalidation command.\n - Sanitization: The skill employs
defusedxmlto parse and format XML content, significantly reducing the risk of XXE and related XML vulnerabilities. Note that whiledocx.pyuseslxml.etree, the primary extraction and formatting logic inunpack.pyandpack.pyutilizes safe parsers.
Audit Metadata