Skills
skills/carlheath/ogmios/convert-doc/Gen Agent Trust Hub

convert-doc

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection because it ingests and processes untrusted external data from documents (PDF, Word, PowerPoint, Excel) and feeds the result into the agent's context. . .
  • Ingestion points: External document files including .pdf, .docx, .pptx, .xlsx, and .rtf. . .
  • Boundary markers: The documentation does not mention any delimiters or instructions to ignore embedded prompts within the converted text. . .
  • Capability inventory: The skill executes local Python scripts and has the ability to read and write files to the user's home directory (~/.claude/cache/). . .
  • Sanitization: No sanitization or filtering of the document content is described before it is presented to the agent.
  • [COMMAND_EXECUTION]: The skill uses the command line to execute a local Python script (~/.claude/lib/document-converter.py) for document processing. This is a standard functional pattern for this type of skill but involves executing code with file path arguments provided by the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 09:15 PM