doc
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends standard, reputable packages (libreoffice, poppler, python-docx) from official system and language repositories.
- [COMMAND_EXECUTION]: Uses `subprocess.run` with list-based arguments to execute `soffice` and `pdftoppm` in `scripts/render_docx.py`, which prevents shell injection.
- [PROMPT_INJECTION]: Processing external documents creates an indirect prompt injection surface.
  - Ingestion points: Document reading workflow in `SKILL.md` and file input in `scripts/render_docx.py`.
  - Boundary markers: None.
  - Capability inventory: System binary execution and local file writing.
  - Sanitization: None.
Audit Metadata