docx-to-latex

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates entirely on the local file system using Python's standard library modules (zipfile, xml.etree.ElementTree, pathlib). No external network connections or third-party dependencies are required.
  • [SAFE]: Character escaping for LaTeX special characters is correctly implemented in both text and mathematical formula conversion, which prevents potential LaTeX injection attacks.
  • [SAFE]: Image extraction from the DOCX archive is secured using path sanitization, ensuring that files are only written to the intended directory and preventing directory traversal vulnerabilities.
  • [SAFE]: Although the script processes untrusted data (DOCX files), the risk of indirect prompt injection is mitigated as the script lacks dangerous capabilities such as subprocess execution, dynamic code evaluation, or network access.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 11:22 AM