Security — Advanced Snippet Editor
The Advanced Snippet Editor executes C# code at runtime. PPPTools protects your system through multiple security layers before any script is run.
Security Layers
1. Restricted API
Scripts in the Advanced Snippet Editor have no direct access to PowerPoint objects. All operations run exclusively through ppptools.* methods:
- oSlide → not available
- aPowerPoint → not available
- Helper.* (legacy API) → not available
This prevents uncontrolled access to the PowerPoint application.
2. Code Scanner
Before a script runs, PPPTools automatically checks the code for known dangerous patterns. Detected issues result in either a warning or the script being blocked:
| Level | Behavior |
|---|---|
| Blocked | Script is not executed. Error is shown in the editor. |
| Warning | Script runs, but a notice is shown. |
| Clean | No issues detected. |
3. Blocked Patterns
The following patterns are detected by the code scanner and will block execution:
| Pattern | Reason |
|---|---|
| oSlide | Legacy API — no longer available |
| aPowerPoint | Legacy API — no longer available |
| Helper. | Legacy helper class — no longer available |
| System.Net | Network access forbidden |
| HttpClient | HTTP requests forbidden |
| WebClient | HTTP requests forbidden |
| System.IO | File access forbidden |
| File.Write | Writing files forbidden |
| File.Delete | Deleting files forbidden |
| System.Diagnostics.Process | Process launch forbidden |
| Process.Start | Process launch forbidden |
| Microsoft.Win32 | Registry access forbidden |
| Registry.SetValue | Writing registry forbidden |
| Activator.CreateInstance | Dynamic loading forbidden |
| Assembly.Load | Loading assemblies forbidden |
| DllImport | Native DLL calls forbidden |
| unsafe | Unsafe code (pointer access) forbidden |
| extern | External method declarations forbidden |
| Environment.Exit | Terminates the PowerPoint process — forbidden |
| GC.Collect | Manual garbage collection forbidden |
4. Warning Patterns
The following patterns generate a warning but do not block execution:
| Pattern | Reason |
|---|---|
| Type.GetType | Reflection — potentially dangerous |
| System.Reflection | Reflection usage |
| System.Runtime.InteropServices | Native interop |
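How the three scan levels follow from the blocked and warning pattern lists, as an added example that is not PPPTools' own scanner code. It assumes case-sensitive substring matching per line, which the page does not specify; the names SnippetScan, Scan and Level are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

enum Level { Clean, Warning, Blocked }
static class SnippetScan
{
    // Pattern lists copied from the two tables on this page.
    static readonly string[] Block = {
        "oSlide", "aPowerPoint", "Helper.", "System.Net", "HttpClient", "WebClient",
        "System.IO", "File.Write", "File.Delete", "System.Diagnostics.Process",
        "Process.Start", "Microsoft.Win32", "Registry.SetValue", "Activator.CreateInstance",
        "Assembly.Load", "DllImport", "unsafe", "extern", "Environment.Exit", "GC.Collect" };
    static readonly string[] Warn = {
        "Type.GetType", "System.Reflection", "System.Runtime.InteropServices" };

    // Assumption: case-sensitive substring match per line; highest level found wins.
    public static (Level Result, List<string> Findings) Scan(string code)
    {
        var findings = new List<string>();
        var result = Level.Clean;
        var lines = code.Split('\n');
        for (int i = 0; i < lines.Length; i++)
        {
            string line = lines[i];
            foreach (var hit in Block.Where(x => line.Contains(x)))
            {
                findings.Add($"line {i + 1}: blocked pattern '{hit}'");
                result = Level.Blocked;
            }
            foreach (var hit in Warn.Where(x => line.Contains(x)))
            {
                findings.Add($"line {i + 1}: warning pattern '{hit}'");
                if (result == Level.Clean) result = Level.Warning;
            }
        }
        return (result, findings);
    }
    static void Main()
    {
        // Constructed sample scripts, not taken from the public library.
        string[] samples = {
            "int total = 1 + 2;",
            "var t = Type.GetType(\"System.String\");",
            "var t = Type.GetType(\"X\");\nvar c = new HttpClient();" };
        foreach (var r in samples.Select(s => Scan(s)))
            Console.WriteLine($"{r.Result}: {string.Join("; ", r.Findings)}");
    }
}
```

Under this substring assumption, a listed token inside a comment or a longer identifier is flagged as well.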
5. Assembly Restriction
The Roslyn scripting environment only loads explicitly allowed assemblies. System.dll — the umbrella assembly containing System.Net, System.IO and System.Diagnostics — is intentionally not loaded. A script that writes e.g. new HttpClient() will therefore fail at compile time even if the code scanner missed it.
6. Timeout (30 seconds)
Every script execution is automatically cancelled after 30 seconds. This prevents a while(true){} from freezing PowerPoint indefinitely.
Trust Dialog (Public Library)
Snippets from the public library require confirmation via a trust dialog before the first run:
- PPPTools shows the name, description and author of the snippet
- The user explicitly confirms trust in the snippet
- Only then is the code executed
Snippets from your own local library are always trusted (you created them yourself).
No Support for Custom Scripts
Important
PPPTools provides no support for custom scripts.
Faulty or malicious scripts can have unexpected effects on the open presentation.
Scripts from the public library have been reviewed, but PPPTools accepts no liability.
For Administrators
The code scanner runs twice on every draft upload: once in the add-in (before the HTTP request) and once on the server (when the ZIP is received). This ensures that uploads sent directly to the API, bypassing the add-in, are also scanned.
| Scan result | What happens |
|---|---|
| Blocked | Draft is not saved (HTTP 422 with reason) |
| Warning | Draft is saved, marked with a yellow badge in the admin area |
| Clean | Draft is saved, marked with a green badge in the admin area |
Note for authors
A warning badge does not automatically mean the script is dangerous — it means the admin will review the code manually. If you legitimately use reflection or interop, briefly explain this in the snippet description.