document-processing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill defines procedures for extracting text and data from external office documents (PDF, Word, Excel), which represents an attack surface for indirect prompt injection.
- Ingestion points: The skill focuses on processing external files like .pdf, .xlsx, .docx, and .pptx.
- Boundary markers: There are no instructions provided for using delimiters or warnings to ignore embedded instructions within processed documents.
- Capability inventory: The guide describes capabilities for file reading, text extraction, and metadata manipulation using libraries such as pypdf, openpyxl, and python-docx.
- Sanitization: No mention of sanitization, escaping, or validation of content extracted from these external documents.
Audit Metadata