Trust Assessment
pptx received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 3 high, 2 medium, and 0 low severity. Key findings include Arbitrary File Read via Image Inclusion, Arbitrary File Read via Presentation Loading, and Data Exfiltration via Print Statement.
The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety, static_code_analysis. The llm_behavioral_safety layer scored lowest at 41/100, indicating areas for improvement.
Last analyzed on February 11, 2026 (commit 6195a031). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary File Read via Image Inclusion: The skill demonstrates adding an image from a specified file path (`image.png`). If an AI agent were to use this functionality with a user-controlled file path, it could be coerced into reading arbitrary files from the filesystem (e.g., `/etc/passwd`, sensitive application data). While `add_picture` expects an image, the underlying file read operation itself is a security concern, potentially leading to information disclosure or error messages revealing file existence/permissions. Implement strict validation and sanitization for any file paths provided by untrusted sources. Restrict file operations to a designated, isolated sandbox directory. Avoid allowing direct user input to dictate file paths for read operations. | Unknown | SKILL.md:39 |
| HIGH | Arbitrary File Read via Presentation Loading: The skill demonstrates loading an existing presentation from a specified file path (`existing.pptx`). If an AI agent were to use this functionality with a user-controlled file path, it could be coerced into reading arbitrary files from the filesystem. Although the `python-pptx` library would likely fail to parse non-PPTX files, the attempt to read the file constitutes an arbitrary file read vulnerability, which could lead to information disclosure. Implement strict validation and sanitization for any file paths provided by untrusted sources. Restrict file operations to a designated, isolated sandbox directory. Avoid allowing direct user input to dictate file paths for read operations. | Unknown | SKILL.md:69 |
| HIGH | Data Exfiltration via Print Statement: The skill includes a `print` statement that outputs the text content extracted from a presentation (`print(shape.text_frame.text)`). If the presentation being processed was loaded from an untrusted, user-controlled file path (as identified in the 'Arbitrary File Read via Presentation Loading' finding), and that file contains sensitive information, this `print` statement would directly exfiltrate that data into the LLM's context, making it visible to the user or subsequent prompts. Avoid printing or logging sensitive data extracted from untrusted sources. If data must be processed, ensure it is handled securely and not exposed to the LLM's output or context without explicit sanitization or redaction. Combine with file path sanitization to prevent reading sensitive files in the first place. | Unknown | SKILL.md:74 |
| MEDIUM | Arbitrary File Write/Overwrite: The skill demonstrates saving presentations to hardcoded file paths (`presentation.pptx`, `modified.pptx`). If an AI agent were to use this functionality with user-controlled file paths, it could be coerced into writing or overwriting arbitrary files on the filesystem. This could lead to data corruption, denial of service, or the injection of malicious content into system files or web server directories. Implement strict validation and sanitization for any file paths provided by untrusted sources. Restrict file write operations to a designated, isolated sandbox directory. Avoid allowing direct user input to dictate file paths for write operations. | Unknown | SKILL.md:30 |
| MEDIUM | Arbitrary File Write/Overwrite: The skill demonstrates saving presentations to hardcoded file paths (`presentation.pptx`, `modified.pptx`). If an AI agent were to use this functionality with user-controlled file paths, it could be coerced into writing or overwriting arbitrary files on the filesystem. This could lead to data corruption, denial of service, or the injection of malicious content into system files or web server directories. Implement strict validation and sanitization for any file paths provided by untrusted sources. Restrict file write operations to a designated, isolated sandbox directory. Avoid allowing direct user input to dictate file paths for write operations. | Unknown | SKILL.md:79 |