docx-generator
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches dependencies from the npm registry, including jszip, @xmldom/xmldom, and docx. These are standard, well-known libraries used for document manipulation and XML parsing.
- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute local Deno scripts (analyze-template.ts, generate-from-template.ts, and generate-scratch.ts) to perform document operations. These scripts require file system permissions (--allow-read, --allow-write) to function.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted external data in the form of DOCX templates and JSON specifications.
- Ingestion points: Input files processed by scripts/analyze-template.ts, scripts/generate-from-template.ts, and scripts/generate-scratch.ts.
- Boundary markers: Absent. The scripts do not use specific delimiters or instructions to isolate the content of external files from the agent's control logic.
- Capability inventory: The skill can read and write files on the local file system but does not have network access or the ability to execute arbitrary shell commands.
- Sanitization: Absent. The scripts perform text extraction and replacement without sanitizing the content of the files being processed.
Audit Metadata