docx

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]
    • XML parsing in document.py, utilities.py, unpack.py, and pack.py uses the defusedxml library, which protects against XML External Entity (XXE) attacks and other XML-based security issues.
    • No evidence of data exfiltration, hardcoded credentials, or unauthorized network activity was found in the provided scripts or documentation.
  • [COMMAND_EXECUTION]
    • The pack.py script uses subprocess.run to invoke soffice (LibreOffice) for document validation and format conversion tasks.
    • The redlining.py script uses subprocess.run to execute git diff for comparing document revisions during the redlining process.
    • Technical instructions in SKILL.md guide the use of system commands like pandoc for text extraction and pdftoppm for visual document analysis.
  • [PROMPT_INJECTION]
    • The skill's primary function involves converting Word documents into Markdown for analysis by the LLM. This introduces an indirect prompt injection surface where instructions contained within a document could potentially influence agent behavior. It is recommended that the agent treat this content strictly as data and ignore any embedded instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 12:05 PM