document-scanning
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of documentation and command templates for common file discovery tasks. It does not include executable scripts or external dependencies.
- [PROMPT_INJECTION]: The skill's primary function involves extracting document metadata (such as title and author), which presents a surface for indirect prompt injection if external documents contain malicious instructions in their property fields.
- Ingestion points: Metadata extraction from .docx, .xlsx, .pptx, and .pdf files (SKILL.md).
- Boundary markers: The context passing format for sub-agents does not specify delimiters or warnings to ignore instructions within the extracted metadata.
- Capability inventory: The skill defines CLI command patterns for discovery (find, Get-ChildItem, git) but lacks its own dynamic execution tools.
- Sanitization: No sanitization or validation of the extracted metadata is instructed.
Audit Metadata