pptx

SKILL

Use this skill any time a .pptx file is involved in any way — as input, output, or both. This includes: creating slide decks, pitch decks, or presentations; reading, parsing, or extracting text from any .pptx file (even if the extracted content will be used elsewhere, like in an email or summary); editing, modifying, or updating existing presentations; combining or splitting slide files; working with templates, layouts, speaker notes, or comments. Trigger whenever the user mentions "deck," "slides," "presentation," or references a .pptx filename, regardless of what they plan to do with the content afterward. If a .pptx file needs to be opened, created, or touched, use this skill.

v1.0.0 Tested 8 Feb 2026
5.6

Dimension scores

Security 4.0
Reliability 7.0
Agent usability 4.0
Compatibility 7.0
Code health 7.0

Compatibility

Framework, status and notes

Claude Code
  • No MCP server implementation found - only Python scripts without MCP protocol
  • No stdio transport implementation
  • No tools/list endpoint
  • This is a skill/documentation package, not an MCP server

OpenAI Agents SDK
  • No MCP server implementation
  • No SSE or HTTP transport
  • Scripts are standalone utilities, not MCP tools
  • Would require wrapper to expose as MCP server

LangChain (status: ~)
  • Not an MCP server - these are Python functions that could be wrapped
  • Functions like unpack(), pack(), merge_runs() are well-structured
  • Could be converted to LangChain StructuredTools with adapters
  • Input/output types are serializable (paths, strings, ints)
  • No state conflicts with LangChain execution model

Security findings

HIGH

Path traversal vulnerability in clean.py

Lines 52-60: The user-provided unpacked_dir is used to construct file paths with no validation. A malicious input like '../../../etc' could allow reading or deleting files outside the intended directory. Path.resolve() is used, but files are deleted without checking whether they remain within the intended directory tree.

HIGH

Arbitrary code execution via subprocess in soffice.py

Lines 28-30: run_soffice() accepts an arbitrary args list and passes it directly to subprocess.run(['soffice'] + args), with no input validation on args. Lines 84-87: _ensure_shim() compiles C code from a string using subprocess.run(['gcc', ...]) with paths derived from user input, enabling potential command injection.

HIGH

Unsafe XML parsing allows XXE attacks

Multiple files use defusedxml.minidom, which provides limited XXE protection, but then call .toxml() and write raw bytes back. Files like pack.py (line 116), unpack.py (lines 67-68), and clean.py use defusedxml.minidom.parse() but don't validate the schema or restrict entity expansion in output operations.

MEDIUM

Insufficient validation of file extensions

MEDIUM

Temporary file race conditions

MEDIUM

Missing error message sanitization

MEDIUM

Unbounded resource consumption

Reliability

Success rate: 82%
Calls made: 100
Avg latency: 2500ms
P95 latency: 4500ms

Failure modes

  • File I/O errors without structured error handling (file not found, permission denied)
  • XML parsing failures return generic exceptions rather than actionable error messages
  • Missing subprocess error handling in soffice.py and thumbnail.py - commands may fail silently
  • Path traversal validation missing - malicious ZIP files could write outside unpacked directory
  • No timeout protection on soffice conversion - hung processes could block indefinitely
  • Unicode handling edge cases in smart quote replacement may cause encoding errors
  • Large file handling unprotected - no size limits on ZIP extraction or XML parsing
  • Concurrent access to same unpacked directory could cause race conditions
  • Missing validation for required XML elements before access (KeyError, AttributeError)
  • Error messages often print to stderr/stdout without returning structured data

Code health

License: Proprietary
Has tests: No
Has CI: No
Dependencies: 4

This is a skill module (not a standalone package) with reasonable code quality but no testing infrastructure. The codebase includes comprehensive documentation (SKILL.md, editing.md, pptxgenjs.md) and a proprietary license. Python scripts are well-structured with clear separation of concerns (validators, helpers, office utilities). Dependencies are minimal (defusedxml, lxml, PIL) with no obvious vulnerabilities. However, the lack of tests, CI pipeline, type hints, and version control history is concerning. The code appears production-ready for internal use but lacks the health signals expected of a public package. XSD schema files suggest thorough validation capabilities. Overall maintenance status cannot be assessed without git history.