NYC

docx-to-markdown

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (LOW): The SKILL.md file contains 'IMPORTANT Task Planning Notes' that issue direct commands to the AI agent on how to structure its reasoning (e.g., 'Always plan and break many small todo tasks'). While helpful for task hygiene, these are technically instruction injections designed to influence agent behavior.
  • EXTERNAL_DOWNLOADS (SAFE): The skill requires mammoth, turndown, and @truto/turndown-plugin-gfm. These are standard, reputable Node.js packages for document conversion from the npm registry and are considered safe dependencies for this utility.
  • COMMAND_EXECUTION (SAFE): The skill utilizes local Node.js scripts to perform its core function. This usage is transparent and aligns with the tool's stated purpose.
  • PROMPT_INJECTION (LOW): The skill has a surface for indirect prompt injection. [1] Ingestion points: Processes external .docx files via the convert.cjs script. [2] Boundary markers: Absent; converted text is not explicitly delimited for the agent. [3] Capability inventory: The agent has Bash, Read, and Write permissions. [4] Sanitization: No sanitization is performed on converted content, meaning instructions embedded in a Word document could be obeyed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:37 PM