Docx
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill mandates loading a local file at
~/.claude/PAI/SKILL.mdas a prerequisite for operation. This file is described as containing sensitive personal data, including contact lists, voice IDs, and security protocols. - [PROMPT_INJECTION]: The skill is designed to ingest and process external Word documents by converting them to Markdown or unpacking their XML structure. This creates a surface for indirect prompt injection, where malicious instructions embedded in a processed document could be interpreted and executed by the agent.
- [COMMAND_EXECUTION]: The skill utilizes several system-level utilities via shell execution and Python's
subprocess.runmodule. These includepandocfor document conversion,soffice(LibreOffice) for PDF generation and validation, andpdftoppmfor image extraction. - [SAFE]: The skill follows security best practices by using the
defusedxmllibrary for all XML parsing operations to prevent XML External Entity (XXE) attacks.
Audit Metadata