Skills
skills/claude-office-skills/skills/doc-parser/Gen Agent Trust Hub

doc-parser

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the docling and pandas packages. docling is an established document understanding library maintained by IBM Research.\n- [PROMPT_INJECTION]: The skill processes untrusted external document data, creating a potential surface for indirect prompt injection.
  • Ingestion points: Data enters the agent context through DocumentConverter.convert() calls in multiple examples within SKILL.md.
  • Boundary markers: There are no delimiters or specific instructions provided to distinguish parsed document content from agent rules.
  • Capability inventory: The skill possesses file-writing capabilities as demonstrated in the batch_parse and extract_figures code snippets.
  • Sanitization: No sanitization or content validation is applied to the extracted text before it is presented or exported.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 03:32 AM