docugenius-converter

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands via wrapper scripts (convert.sh, convert.ps1, convert.bat) and Python's subprocess module to perform document conversions and environment setup.
      • Evidence: scripts/convert_document.py uses subprocess.run to call pip install and node scripts.
  • [REMOTE_CODE_EXECUTION]: The skill automatically downloads and installs external dependencies from official package registries (PyPI and NPM) if they are missing from the user's environment.
      • Evidence: install_dependencies function in scripts/convert_document.py and _ensure_shared_node_modules which triggers npm install.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it extracts and presents untrusted content from external documents (PDF, DOCX, XLSX, PPTX) directly to the agent's context.
      • Ingestion points: Untrusted data enters the context through scripts/convert_document.py during the extraction process.
      • Boundary markers: Absent. The skill does not instruct the agent to use delimiters or ignore instructions found within the converted text.
      • Capability inventory: The agent has the capability to execute shell commands, write files to the local directory, and access the network via package managers.
      • Sanitization: The skill performs basic Markdown syntax escaping to ensure formatting consistency but does not filter or sanitize the content for malicious instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 24, 2026, 04:05 AM