office-mcp

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
NO_CODE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill submission consists only of documentation and metadata in SKILL.md and does not include any bundled executable scripts or source code.
  • [EXTERNAL_DOWNLOADS]: The skill documentation lists several standard Node.js libraries required for operation, such as pdf-lib and xlsx, which are fetched from public registries. It also utilizes tesseract.js, which may download language-specific OCR data from official repositories at runtime.
  • [COMMAND_EXECUTION]: Installation requires executing standard terminal commands including npm install and npm run build, and manually configuring the agent environment to run a local Node.js process.
  • [PROMPT_INJECTION]: The skill parses content from external document formats, creating an indirect prompt injection surface.
      1. Ingestion points: Data enters the agent context through extraction tools such as extract_text_from_pdf and read_xlsx (SKILL.md).
      2. Boundary markers: The documentation does not specify the use of delimiters or warnings to ignore embedded instructions in the extracted text.
      3. Capability inventory: The skill provides comprehensive file creation and conversion capabilities across various Office formats (SKILL.md).
      4. Sanitization: No explicit validation or sanitization of document content is described in the provided materials.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 05:18 AM