docx-templates
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- Unverifiable Dependencies (LOW): The documentation suggests installing docxtpl and Pillow without specifying versions. While these are common packages, unversioned installations are a best-practice violation.
- Indirect Prompt Injection (LOW): The skill ingests data from external templates and CSV files for Jinja2 interpolation.
  1. Ingestion points: Template files (invoice_template.docx) and data sources (customers.csv).
  2. Boundary markers: No delimiters or ignore instructions are used to separate data from template logic.
  3. Capability inventory: Local file system read and write operations.
  4. Sanitization: No sanitization or sandboxing of the Jinja2 environment is demonstrated.
Audit Metadata