docx-manipulation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill focuses on document manipulation using the legitimate python-docx library. Analysis shows no malicious behavior or safety guideline bypasses.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its ability to read external file content.
  - Ingestion points: The extract_text_from_docx and fill_docx_template tools read content from Word files.
  - Boundary markers: No delimiters or instructions to ignore embedded content are defined in the domain knowledge or prompts.
  - Capability inventory: The agent generates and executes Python code for document processing.
  - Sanitization: No validation or filtering is applied to the content of the processed Word documents.
- [COMMAND_EXECUTION]: The skill facilitates the generation and local execution of Python scripts for the purpose of document manipulation, which is consistent with its intended functionality and utilizes a trusted library.