kimi-docx
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious behavior detected. The skill is designed as a utility library for document manipulation, focusing on OpenXML structure correction and business rule enforcement.
- [COMMAND_EXECUTION] (SAFE): The scripts use standard file operations and internal library calls. Use of external tools like pandoc is recommended in documentation for verification but not autonomously executed in a dangerous manner.
- [DATA_EXFILTRATION] (SAFE): No evidence of network communication to unauthorized domains. All file operations (unzipping, reading, and repacking) are performed within the local environment and temporary directories.
- [EXTERNAL_DOWNLOADS] (SAFE): Dependencies listed (lxml, playwright, matplotlib) are standard libraries for the tasks performed. No suspicious remote code execution (curl|bash) patterns were identified.
- [DYNAMIC_EXECUTION] (SAFE): XML parsing utilizes lxml's recovery mode to handle malformed documents gracefully, which is a standard practice for document processing and does not pose a security risk in this implementation.
Audit Metadata