docx
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute several shell commands using local Python scripts (e.g.,
scripts/office/unpack.py,scripts/office/pack.py) and standard system utilities likepandoc,pdftoppm, andLibreOffice. These commands are standard for the skill's stated purpose of document processing and conversion. - [EXTERNAL_DOWNLOADS]: Recommends the installation of the
docxpackage via npm (npm install -g docx). This is a well-known and widely used library for generating Word documents and is appropriate for the skill's functionality. - [DATA_EXFILTRATION]: No network exfiltration or unauthorized sensitive file access was detected. File operations (reading and writing) are restricted to the document files and images provided or created during the task.
- [PROMPT_INJECTION]: The skill contains technical instructions using keywords like 'CRITICAL' and 'IMPORTANT', but these are used contextually to guide the agent on document formatting (e.g., page sizes, table widths, XML schema compliance) rather than attempting to bypass safety filters or override agent behavior.
Audit Metadata