pptx

Warn

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes several external command-line utilities to perform document conversion, visual analysis, and comparison.
      • scripts/thumbnail.py executes soffice (LibreOffice) to convert presentations to PDF and pdftoppm to generate images.
      • scripts/office/validators/redlining.py executes git diff to compare text content.
      • scripts/office/soffice.py executes gcc to compile a shared library.
  • [REMOTE_CODE_EXECUTION]: The skill uses dynamic code generation and process injection techniques to facilitate execution in restricted environments.
      • scripts/office/soffice.py contains embedded C source code which it writes to disk at runtime.
      • The script compiles this code into a shared object (.so) and then uses the LD_PRELOAD environment variable to inject it into the LibreOffice process to override standard library socket calls. This is a highly technical pattern that could be abused if the source code were modified.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 18, 2026, 01:02 AM