The Agent Skills Directory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.70). The skill directly reads and parses user-supplied .docx files (e.g., Document('source.docx') in workflow.md and Document(INPUT_FILE) in scripts/template.py) and extracts/uses paragraph text as part of its processing, so untrusted document content could carry indirect prompt-injection instructions.

docx-perfect