docx
Fail
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform administrative actions using sudo to install system-level dependencies.
- Evidence: The 'Dependencies' section explicitly lists commands like 'sudo apt-get install pandoc', 'sudo apt-get install libreoffice', and 'sudo apt-get install poppler-utils'.
- [PROMPT_INJECTION]: The skill contains instructions designed to override the agent's internal constraints and default behavior for processing content.
- Evidence: Instructions such as 'MANDATORY - READ ENTIRE FILE' and 'NEVER set any range limits when reading this file' in both the 'Creating a new Word document' and 'Editing an existing Word document' sections direct the agent to ignore standard safety and performance limits regarding large file processing.
- [EXTERNAL_DOWNLOADS]: The skill directs the installation of several external third-party software packages and libraries.
- Evidence: The 'Dependencies' section requires installing 'docx' via npm, 'defusedxml' via pip, and various utilities through the system package manager.
Recommendations
- AI detected serious security threats