docx
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill handles untrusted external data by reading and converting Word documents, creating a surface for indirect prompt injection attacks where malicious instructions could be hidden in document text.\n
- Ingestion points: The skill reads files via
Document(\"document.docx\")and processes them using system tools likepandoc.\n - Boundary markers: No delimiters or instructions are provided to help the agent distinguish between document content and its own operational instructions.\n
- Capability inventory: The skill has the capability to read/write to the local file system and execute shell commands for document conversion (Pandoc, LibreOffice).\n
- Sanitization: There is no evidence of sanitization or filtering of the extracted document content before it is processed by the agent.
Audit Metadata