pptx-merge
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface typical for document processing tools, as it ingests data from external manifests and PowerPoint files.
  - Ingestion points: The `scripts/merge.py` script reads a JSON manifest file and multiple `.pptx` (ZIP-compressed) archives as specified by the user or agent.
  - Boundary markers: The skill does not employ specific boundary markers or instructions to ignore embedded content within the source files, though it processes them as opaque XML units.
  - Capability inventory: The skill has the capability to read and write files on the local filesystem using Python's `pathlib` and `zipfile` modules, and it can manipulate XML structures using `lxml`.
  - Sanitization: The implementation uses standard, safe parsing libraries (`json.loads`, `lxml.etree`) and leverages `Path.resolve()` for path handling, which follows best practices for local file operations and mitigates basic path traversal.
- [COMMAND_EXECUTION]: The main agent instructions (SKILL.md) suggest the use of the `soffice` (LibreOffice) command-line tool for converting the merged PPTX output to PDF for verification purposes. This is a common and legitimate practice for document automation workflows.
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs the user to install the `lxml` Python library from the official PyPI registry. This is a standard dependency for high-performance XML processing, and PyPI is a well-known service.
Audit Metadata