word-documents
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The scripts analyze.py, comments.py, compare.py, create.py, format.py, merge.py, and track_changes.py automatically install python-docx, lxml, and docxcompose from PyPI using pip if they are missing at runtime.\n- [COMMAND_EXECUTION]: The convert.py script executes the pandoc system binary via the subprocess module to handle document conversions, allowing for the inclusion of arbitrary extra arguments provided by the user.\n- [PROMPT_INJECTION]: The skill's ability to process untrusted external files (.docx, .md, .html, .json) creates a surface for indirect prompt injection attacks.\n
- Ingestion points: Input files provided to processing scripts, specifically those parsed by the Document objects in the scripts folder.\n
- Boundary markers: There are no boundary markers or instructions used to isolate external content from the agent's internal logic.\n
- Capability inventory: The skill possesses the capability to perform file system operations (read/write), execute external processes (pandoc), and install software packages.\n
- Sanitization: The skill does not perform any sanitization, filtering, or validation of content extracted from processed documents before it is used in subsequent operations.
Audit Metadata