wps-word
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Surface for Indirect Prompt Injection. The skill reads and processes content from active Word documents without implementing security boundaries or delimiters to isolate data from instructions.
- Ingestion points: The skill retrieves document metadata, full text, and comments using
wps_get_active_document,getDocumentText, andgetComments(SKILL.md). - Boundary markers: Absent. No explicit markers (e.g., delimiters) or instructions to treat document content as untrusted data are provided.
- Capability inventory: The skill uses
wps_execute_methodto perform high-impact actions like finding and replacing text, inserting hyperlinks, and modifying document structure (SKILL.md). - Sanitization: No content sanitization or validation is specified before the data is analyzed by the agent.
Audit Metadata