docx
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly unpacks and parses arbitrary user-supplied .docx files (see ooxml/scripts/unpack.py and scripts/document.py which read and operate on word/document.xml, and the pandoc-based text-extraction workflow), so the agent ingests and interprets untrusted user-generated document content at runtime.
Audit Metadata