docx-perfect
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of Python scripts and inline commands (e.g.,
python -c "...") to perform document analysis, table creation, and formatting operations. This is central to its functionality. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8).
- Ingestion points: The skill reads external data from Word documents using
docx.Document('source.docx')as seen inSKILL.mdandscripts/template.py. - Boundary markers: There are no boundary markers or delimiters used when printing the content of the document paragraphs into the agent's context, making it easier for an attacker to inject instructions.
- Capability inventory: The skill utilizes file system read/write capabilities via the
python-docxlibrary and directory listing via theglobmodule. - Sanitization: No sanitization, filtering, or escaping is performed on the text extracted from the document before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The skill depends on the
python-docxlibrary. While this is a well-known and standard library for document manipulation, users should ensure it is installed from a trusted registry.
Audit Metadata