Skills
skills/vasilyu1983/ai-agents-public/document-docx/Gen Agent Trust Hub

document-docx

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by processing external document data.
  • Ingestion points: External .docx files are read using python-docx (e.g., input.docx) and templates are processed with docxtpl (e.g., template.docx).
  • Boundary markers: None identified; the skill does not wrap extracted content in markers or provide instructions to ignore embedded commands.
  • Capability inventory: The skill can read/write files and extract text/tables.
  • Sanitization: No sanitization or validation of the contents of the .docx files is performed before the data is handled.
  • [EXTERNAL_DOWNLOADS]: The skill references several standard document processing libraries from public registries.
  • Python: python-docx, docxtpl.
  • Node.js: mammoth, docx.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 08:54 PM