pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE] (SAFE): No malicious behavior detected. The skill performs legitimate document processing tasks.
- [COMMAND_EXECUTION] (SAFE): The file ooxml/scripts/pack.py uses subprocess.run to call soffice for document validation. This is a controlled execution of a known binary with specific parameters essential to the skill's primary purpose.
- [DATA_EXPOSURE] (SAFE): File access is limited to the input/output paths provided via command-line arguments. No sensitive files are accessed.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes OOXML documents. 1. Ingestion points: unpack.py, rearrange.py, and validate.py read document files. 2. Boundary markers: None present. 3. Capability inventory: pack.py executes soffice for validation and scripts perform file writes. 4. Sanitization: Uses defusedxml to mitigate XML-based attacks.
Audit Metadata