office-to-md
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data in the form of Office documents and converts them to Markdown for processing by the agent. This creates a surface for indirect prompt injection.
- Ingestion points: Processes various formats including .docx, .xlsx, .pptx, .pdf, and images using the markitdown library in multiple code examples throughout SKILL.md.
- Boundary markers: No delimiters or safety instructions are used to separate the converted document content from the agent's instructions.
- Capability inventory: The skill allows for file system reading and writing, as well as network interaction via the Anthropic API for image/audio processing.
- Sanitization: The skill does not perform sanitization or validation of the text extracted from documents before presenting it to the agent.
- [EXTERNAL_DOWNLOADS]: The skill instructions include the installation of the markitdown and anthropic libraries. These are sourced from well-known providers and official package registries.
Audit Metadata