superdoc-react
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires installation of @superdoc-dev/react, yjs, and y-websocket; these packages originate from organizations not listed in the trusted scope and require manual verification.
- [PROMPT_INJECTION] (MEDIUM): The skill contains an indirect prompt injection surface. (1) Ingestion point: The document prop in SuperDocEditor (SKILL.md) accepts external DOCX files and blobs. (2) Boundary markers: Absent; no delimiters or instructions are provided to treat document content as untrusted. (3) Capability inventory: Supports document parsing, rendering, exporting, and network-based collaboration. (4) Sanitization: No sanitization is mentioned. External content could potentially influence the agent's logic.
- [DATA_EXFILTRATION] (LOW): The skill utilizes WebSocket connections for collaboration features, which is a standard pattern for editors but facilitates external data transmission.