document-quality-standards
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted document formats (PDF, DOCX, XLSX, PPTX), which represents an attack surface for indirect prompt injection. Ingestion points: File paths passed to pdftoppm and soffice in SKILL.md. Boundary markers: No specific delimiters or instructions to ignore embedded instructions are used when processing document content. Capability inventory: Execution of system utilities (soffice, pdftoppm) and use of the openpyxl Python library for spreadsheet manipulation. Sanitization: The skill performs basic replacement of non-breaking hyphens and dashes with ASCII equivalents.
- [Command Execution] (SAFE): Shell commands for pdftoppm and libreoffice are used specifically for the skill's primary purpose of document conversion and visual verification.
- [Prompt Injection] (SAFE): No instructions attempting to override agent safety filters or ignore previous instructions were found.
- [Obfuscation] (SAFE): No hidden or encoded malicious content detected; Unicode references are specifically for character cleaning and typography hygiene.
Audit Metadata