review-scoring-docx
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted review data from external files (CSV, JSON, TXT).
- Ingestion points: In SKILL.md Step 1, the skill automatically detects and loads text from user-uploaded review files.
- Boundary markers: The workflow lacks explicit boundary markers or instructions to treat review content as potentially malicious or to ignore embedded instructions.
- Capability inventory: The skill utilizes file system read access (open in Python) to ingest reviews and write access to generate a .docx file in the working directory.
- Sanitization: No sanitization or validation of the text content within the reviews is performed before the agent processes it for attribute extraction and scoring, allowing potential malicious instructions in reviews to influence the agent's behavior.
Audit Metadata