Skills
skills/aaaaqwq/agi-super-skills/docx/Gen Agent Trust Hub

docx

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The instructions contain steering directives such as 'MANDATORY
  • READ ENTIRE FILE' and 'NEVER set any range limits.' These are functional requirements intended to ensure the agent maintains full context for complex document manipulation and are considered safe within the primary use-case.
  • [COMMAND_EXECUTION]: The skill relies on local binaries including pandoc for text extraction, soffice for PDF conversion, and git for generating tracked change diffs. These operations are executed on local files using controlled parameters.
  • [COMMAND_EXECUTION]: Programmable document creation is performed by the agent generating and executing JavaScript code using the docx library. This is the intended design for document generation within the skill.
  • [SAFE]: The skill correctly mitigates XML-based vulnerabilities, such as XML External Entity (XXE) attacks, by using the defusedxml library for all document parsing and editing tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:56 AM