ai-docx
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data, which presents an indirect prompt injection attack surface as defined in Category 8.
- Ingestion points: Untrusted data enters the context via the
materialText,materialFile, andmaterialUrlparameters inreferences/form-schema.json. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands were found in the skill instructions.
- Capability inventory: The skill performs network requests via the
urllib.requestmodule inscripts/run.pyto send data to the backend API. - Sanitization: No sanitization or escaping of the user-provided document content is performed in the local runner script before transmission.
- [COMMAND_EXECUTION]: The skill includes an executable Python script
scripts/run.pyintended for users to run locally to facilitate interaction with the AI Skills API. - [EXTERNAL_DOWNLOADS]: The runner script initiates network connections to the vendor's domain
ai-skills.ai. Per the author context guidelines, this domain is recognized as the official endpoint for the skill's operations.
Audit Metadata