pptx

Warn

Audited by Socket on Feb 25, 2026

1 alert found:

Security (MEDIUM)
SKILL.md

This skill/documentation is a legitimate and coherent set of instructions for creating, editing, and analyzing PPTX files and their OOXML internals. I found no direct malicious code, credential harvesting, or exfiltration behavior in the provided content. However, it has notable supply-chain and operational risks: unpinned global installs (npm/pip/apt), reliance on many third-party native tools (LibreOffice, Poppler, sharp, playwright), and no guidance to use isolated environments or pin package versions. These factors increase the chance of compromise through malicious or compromised packages or native-tool vulnerabilities when processing untrusted input. Recommended mitigations: use virtualenv/container builds, prefer project-local npm installs, pin versions/checksums, validate third-party tooling, and treat untrusted PPTX/PDF files cautiously (sandboxed processing).

Confidence: 75%
Severity: 75%

Audit Metadata
Analyzed At: Feb 25, 2026, 08:24 AM
Package URL: pkg:socket/skills-sh/zhanlincui%2Fultimate-agent-skills-collection%2Fpptx%2F@7ad790e0163a05c2b6be6f8b69ed168cc4e4a8e6