skills/danielmiessler/lifeos/Docx/Gen Agent Trust Hub

Docx

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill mandates loading a local file at ~/.claude/PAI/SKILL.md as a prerequisite for operation. This file is described as containing sensitive personal data, including contact lists, voice IDs, and security protocols.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process external Word documents by converting them to Markdown or unpacking their XML structure. This creates a surface for indirect prompt injection, where malicious instructions embedded in a processed document could be interpreted and executed by the agent.
  • [COMMAND_EXECUTION]: The skill utilizes several system-level utilities via shell execution and Python's subprocess.run module. These include pandoc for document conversion, soffice (LibreOffice) for PDF generation and validation, and pdftoppm for image extraction.
  • [SAFE]: The skill follows security best practices by using the defusedxml library for all XML parsing operations to prevent XML External Entity (XXE) attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 03:33 PM
Security Audit — agent-trust-hub — Docx