skills/ninehills/skills/pptx/Gen Agent Trust Hub

pptx

Warn

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/office/soffice.py performs dynamic code execution by writing a C source file to the temporary directory and compiling it into a shared object (.so) using gcc at runtime. This compiled library is then loaded into subprocesses using the LD_PRELOAD environment variable to intercept system calls related to AF_UNIX sockets.
  • [COMMAND_EXECUTION]: The skill frequently invokes shell commands via subprocess.run, including gcc for compilation, soffice for document conversion, pdftoppm for image generation, and git for generating diffs.
  • [EXTERNAL_DOWNLOADS]: The skill documentation instructs the installation of several external dependencies from public registries and well-known services, including markitdown, Pillow, and pptxgenjs. It also relies on system-level software like LibreOffice and Poppler.
  • [SAFE]: The skill uses defusedxml for XML processing across multiple scripts (scripts/office/validators/base.py, scripts/clean.py, scripts/office/helpers/merge_runs.py, etc.), which is a best practice for preventing XML External Entity (XXE) attacks.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 21, 2026, 06:42 AM
Security Audit — agent-trust-hub — pptx