docx
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes external command-line tools for core functionality:
  - `pandoc` is used for high-fidelity text extraction to Markdown.
  - `soffice` (LibreOffice) is invoked in `ooxml/scripts/pack.py` to validate the integrity of repacked OOXML files.
  - `git diff` is used in `ooxml/scripts/validation/redlining.py` to facilitate character-level content verification.
  - `pdftoppm` is used for document-to-image conversion tasks.
- [EXTERNAL_DOWNLOADS]: The documentation guides the installation of standard document processing dependencies via package managers (apt, npm, pip), including `pandoc`, `docx`, `libreoffice`, and `defusedxml`.
- [SAFE]: The skill's Python components utilize the `defusedxml` library for all XML parsing. This prevents XML External Entity (XXE) vulnerabilities, ensuring the agent remains secure when processing untrusted document files.
- [SAFE]: Shell commands for validation and comparison are restricted to fixed patterns and operate within controlled temporary directories created at runtime.
Audit Metadata