Skills
skills/wizeline/sdlc-agents/editing-docx-files/Gen Agent Trust Hub

editing-docx-files

Warn

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/office/soffice.py performs runtime compilation of an embedded C source string using gcc. The resulting shared library is injected into the LibreOffice (soffice) process via the LD_PRELOAD environment variable to shim AF_UNIX socket operations. This dynamic execution and process injection pattern is used to bypass socket restrictions in sandboxed environments.
  • [COMMAND_EXECUTION]: The script scripts/accept_changes.py dynamically generates a LibreOffice Basic macro file (Module1.xba) within a temporary user profile and executes it using the soffice command line to automate the acceptance of tracked changes in documents.
  • [COMMAND_EXECUTION]: Multiple scripts, including scripts/office/unpack.py, scripts/office/pack.py, and scripts/office/validators/redlining.py, utilize subprocess.run to execute system utilities such as git, pandoc, and soffice for document processing and validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 14, 2026, 02:46 PM