bggg-creator-image2ppt

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/image2pptx.py invokes the libreoffice or soffice binary using subprocess.run to handle optional PDF conversion. While it correctly uses an argument list rather than a shell string to prevent command injection, it represents an external binary dependency that must be present on the host system.
  • [DATA_EXFILTRATION]: The path resolution logic in scripts/html_svg_to_manifest.py and scripts/image2pptx.py uses Path.resolve() on file references found within user-provided HTML or SVG files. There is no check to ensure these paths are constrained to the project directory, potentially allowing a malicious input to include arbitrary local image files in the generated PowerPoint file.
  • [PROMPT_INJECTION]: As an indirect prompt injection surface, the skill processes untrusted HTML and SVG data. Maliciously crafted design files could contain hidden text or metadata intended to influence the agent's reasoning during the layout analysis and manifest generation phases.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 06:42 AM
Security Audit — agent-trust-hub — bggg-creator-image2ppt