Security audit

X 92bilal26 Pptx

Security checks across malware telemetry and agentic risk

Overview

This skill performs normal PowerPoint creation, inspection, and editing workflows, with document-editing risks that are disclosed and proportionate to its purpose.

Install only if you want agent-assisted PowerPoint work. Use copies of important presentations, review replacement JSON before bulk text replacement, and avoid processing untrusted PPTX files unless document-conversion tools are patched and run in a constrained environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (5)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The activation text is extremely broad: it covers creating, editing, analyzing, layouts, notes, and effectively 'any other presentation tasks.' This can cause the skill to be invoked in situations beyond its narrowly intended scope, increasing the chance that untrusted presentation files or ambiguous user requests trigger file-processing behavior unexpectedly.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The description ends with a broad catch-all trigger such as 'any other presentation tasks,' which can cause the skill to activate for loosely related requests. Over-broad routing increases the chance the agent will use powerful file/shell workflows in contexts where a safer or narrower tool would be more appropriate.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The editing workflow directs the agent to unpack, edit, validate, and repack existing presentations, but it does not upfront require warning the user that the original content may be altered or that backups should be made. In a file-modifying skill, lack of prominent disclosure increases the risk of accidental destructive changes to valuable documents.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The replacement workflow states that shapes not listed in the replacement JSON are automatically cleared, but this destructive behavior is buried within implementation details instead of being surfaced as a prominent warning before the workflow begins. That makes data loss plausible if the operator provides incomplete replacement data or misunderstands the inventory.

Missing User Warnings

Low

Confidence: 90% confidence
Finding: If soffice is unavailable, validation is silently bypassed and the function returns success, which defeats the safety check intended to detect corrupt or malformed Office packages. In an agent skill that creates and modifies PPTX/OOXML files, this can allow invalid or dangerous content to be emitted as if it were verified, increasing downstream risk and making failures harder to detect.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal