kordoc-korean-document-parser
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the document parsing library 'kordoc' and its peer dependency 'pdfjs-dist' from the official NPM registry, which are standard for the skill's stated purpose.
- [COMMAND_EXECUTION]: The skill provides instructions to execute CLI tools and MCP servers via 'npx', enabling high-level document manipulation tasks like parsing, comparison, and form extraction.
- [DATA_EXFILTRATION]: The CLI 'watch' mode supports a '--webhook' parameter, allowing the tool to notify external systems of completed tasks. While this transmits data, it is a documented feature controlled by the user.
- [PROMPT_INJECTION]: As a document parser, the skill is naturally exposed to indirect prompt injection where malicious instructions embedded in HWP or PDF files could be presented to the AI agent during processing.
- Ingestion points: Files processed via the 'parse' function and MCP tools like 'parse_document'.
- Boundary markers: The skill does not currently specify explicit delimiters to separate parsed document content from system instructions.
- Capability inventory: The skill allows file system reading and optional network notifications via webhooks.
- Sanitization: Content is converted to Markdown structure, but the semantic content of the document is not sanitized for instructions targeting the AI.
Audit Metadata