docx-perfect
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The workflow in
SKILL.mdusespython -cto execute a one-line script that extracts text fromsource.docx. While standard for this use case, shell-level execution of Python commands is a capability that should be monitored. - [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests untrusted data from external files.
- Ingestion points: Content is read from
source.docxusing thepython-docxlibrary in a shell command. - Boundary markers: Absent. The skill provides no instructions to the agent to distinguish between the document's data and potential malicious instructions embedded within that data.
- Capability inventory: The skill allows for command execution (
python -c) and references local scripts (scripts/create_table.py) to modify file system content. - Sanitization: None. The extracted text is printed directly to stdout and used to determine subsequent formatting steps without validation.
Audit Metadata