minimax-docx
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The environment check script (
scripts/env_check.sh) displays instructions for downloading and executing the official .NET installation script fromhttps://dot.net/v1/dotnet-install.sh. This source is managed by Microsoft and recognized as a trusted vendor domain.\n- [COMMAND_EXECUTION]: The skill executesdotnet runto operate its document processing CLI and usessoffice(LibreOffice) for legacy format conversion. These operations are essential for the skill's documented document-processing purpose.\n- [COMMAND_EXECUTION]: The skill includes compiled binary executables and build artifacts in thebin/andobj/directories. While this is a best practice violation for source-distributed skills, it does not constitute an active security threat.\n- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection (Category 8) as it processes content from external documents and data files.\n - Ingestion points: Untrusted content is read from
.docx,.json, and.csvfiles inAnalyzeCommand.cs,EditContentCommand.cs, andCreateCommand.cs.\n - Boundary markers: No explicit markers or delimiters are used to isolate ingested content from the agent's internal instructions.\n
- Capability inventory: The skill allows the agent to execute shell commands and modify the local filesystem.\n
- Sanitization: No content filtering or input sanitization logic was found in the provided source code.\n Note: This surface is common in document processing tools and is considered a low risk when handled within the primary skill scope.
Audit Metadata