pptx-processing-anthropic
Fail
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Deceptive metadata and author impersonation. The metadata in SKILL.md and the license file identify 'Anthropic' as the author, which conflicts with the provided attribution to 'lawve-ai'. Impersonating a trusted vendor is a technique used to misrepresent the origin and safety of a skill.
- [COMMAND_EXECUTION]: Runtime binary compilation and process injection. The soffice.py script generates C code, compiles it using gcc, and injects it into other processes via the LD_PRELOAD mechanism to hook system-level functions. This is a high-risk dynamic execution pattern.
- [COMMAND_EXECUTION]: Execution of shell commands. Multiple scripts utilize the subprocess module to run external binaries such as soffice, pdftoppm, and git to perform file processing tasks.
- [EXTERNAL_DOWNLOADS]: Dependencies on third-party software. The skill documentation requires the installation of various external Python and Node.js packages from public registries, including markitdown and pptxgenjs.
Recommendations
- AI detected serious security threats
Audit Metadata