python-docx
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard Python packages ('python-docx' and 'Pillow') from official repositories via pip. These are well-established libraries for document and image processing.
- [MALICIOUS_URL_ALERT] (SAFE): The automated scanner alerts for 'font.name', 'run.font.name', and 'logger.info' are confirmed false positives. These strings are standard Python attributes and logging methods used in document automation, not actual malicious domains or external URLs.
- [COMMAND_EXECUTION] (SAFE): No dangerous system commands, shell piping, or privilege escalation patterns were found. Code snippets demonstrate local file creation and formatting only.
- [PROMPT_INJECTION] (SAFE): The README content is purely instructional and does not contain any instructions aimed at bypassing AI safety guardrails or overriding system prompts.
Recommendations
- Contains 3 malicious URL(s) - DO NOT USE
Audit Metadata