doc-importer
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill includes a surface for indirect prompt injection by processing external documents from URLs or local paths. It mitigates this risk through a defined sanitization step.
- Ingestion points: External documents (PDF, DOCX, PPTX, XLSX, HTML) identified in Step 1.
- Boundary markers: Step 4 explicitly mandates wrapping converted content in external content boundary markers.
- Capability inventory: File reading (Step 1), external tool invocation for conversion (Step 2), and file writing (Step 5).
- Sanitization: Step 4 includes a checklist to strip system/instruction tags and truncate sections over 2000 words.
Audit Metadata