context-loader
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- [Metadata Analysis] (SAFE): The skill description claims to synchronize context and run at launch, which implies a persistence or automation role, but the provided commands are limited to local document conversion.
- [Indirect Prompt Injection] (LOW): The skill processes external data via
.docxfiles. While it lacks explicit sanitization or boundary markers for the content of these files, the capabilities are limited to reading the converted output to the console, posing minimal risk. - [Command Execution] (SAFE): The commands
pandocandcatare used for their intended purposes of document processing and file reading. No dangerous flags or shell escapes were detected.
Audit Metadata