pptx
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (COMMAND_EXECUTION)
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (LOW): The script 'ooxml/scripts/pack.py' utilizes 'subprocess.run' to execute 'soffice' for document validation. This is a local execution of a system utility used for a legitimate purpose (headless file conversion for validation).
- [Indirect Prompt Injection] (LOW): The skill processes external Office documents, which are inherently untrusted data sources. It implements strong mitigations by using 'defusedxml' during the unpacking and repacking stages to prevent XML-based exploits. The 'lxml.etree.parse' calls in 'ooxml/scripts/validation/docx.py' act on files already sanitized by the initial 'defusedxml' pass.