document-assembler
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/assemble_docx.py` uses `subprocess.run` to invoke the `pandoc` binary. This is a standard and necessary operation for converting Markdown source files into the docx format. The command is constructed using a list of arguments, which prevents shell injection vulnerabilities.
- [PROMPT_INJECTION]: The skill processes external Markdown data, presenting a surface for indirect prompt injection.
  - Ingestion points: The scripts `scripts/assemble_docx.py` and `scripts/generate_checklist.py` read content from all `.md` files within a user-specified directory.
  - Boundary markers: There are no specific boundary markers or instructions to ignore embedded instructions within the processed data.
  - Capability inventory: The skill possesses capabilities for filesystem read/write and execution of the `pandoc` utility via subprocess.
  - Sanitization: No content sanitization or validation of the input Markdown is performed prior to document assembly or checklist generation.
Audit Metadata