Skills
skills/marcioaltoe/skills/pptx/Gen Agent Trust Hub

pptx

Warn

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on external system utilities for core functionality, including document rendering and revision analysis.
  • scripts/thumbnail.py and scripts/office/soffice.py execute soffice (LibreOffice) to perform headless PDF conversions.
  • scripts/thumbnail.py executes pdftoppm to generate slide images.
  • scripts/office/validators/redlining.py executes git diff to analyze document changes.
  • [DYNAMIC_EXECUTION]: scripts/office/soffice.py implements a mechanism for runtime compilation and process injection.
  • The script programmatically writes C source code to the system's temporary directory.
  • It invokes gcc to compile the source into a shared object library (.so).
  • It uses the LD_PRELOAD environment variable to inject the compiled library into the LibreOffice process. This technique shims low-level socket functions to allow the engine to function in environments with specific networking restrictions.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 21, 2026, 06:49 PM
Security Audit — agent-trust-hub — pptx