Skills
skills/nickcrew/claude-ctx-plugin/pptx/Gen Agent Trust Hub

pptx

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to interact with system utilities for document processing tasks. Specifically, it calls soffice (LibreOffice) for document validation and conversion in ooxml/scripts/pack.py and scripts/thumbnail.py, pdftoppm for image generation in scripts/thumbnail.py, and git for version comparison in ooxml/scripts/validation/redlining.py.
  • [EXTERNAL_DOWNLOADS]: The setup instructions guide the user to install several standard dependencies from official registries (PyPI and NPM) as well as necessary system-level utilities.
  • [SAFE]: The skill utilizes the defusedxml library for processing XML content in ooxml/scripts/unpack.py and ooxml/scripts/pack.py, which is a recognized best practice for mitigating common XML security risks like external entity expansion (XXE).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 10:22 PM
Security Audit — agent-trust-hub — pptx