pptx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The
ooxml/scripts/unpack.pyscript useszipfile.extractall()to process user-provided Office documents. This lacks path validation for ZIP entries, exposing a 'Zip Slip' vulnerability surface where malicious archives could attempt to write files outside the intended output directory. - [Unverifiable Dependencies & Remote Code Execution] (LOW): The
ooxml/scripts/pack.pyscript executes thesofficecommand viasubprocess.runfor document validation. This introduces a dependency on external system binaries. - [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or external data exfiltration patterns were detected. The skill primarily performs local file manipulations.
- [Dynamic Execution] (SAFE): The skill uses
defusedxmlto safely handle XML parsing in several components, though standardlxmlis used indocx.py.
Audit Metadata