convert-doc
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script located at
~/.claude/lib/document-converter.py. It provides examples of shell commands including loops that process multiple files. If file paths or filenames containing shell metacharacters are passed to these commands without proper escaping, it could lead to command injection. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its primary function is to ingest, convert, and summarize untrusted external documents (PDF, Word, etc.).
- Ingestion points: Reads local files in .pdf, .docx, .pptx, .xlsx, and .rtf formats.
- Boundary markers: None identified in the output structure to delimit the converted content or warn the agent about potentially malicious instructions within the document.
- Capability inventory: The skill uses a converter script and supports subagent delegation to process content.
- Sanitization: No sanitization or filtering of the document's text content is described before it is presented to the agent.
Audit Metadata