docx-to-web-publisher

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands for document conversion (pandoc), image processing (magick), and project building (npm). These are standard tools for the intended development workflow.
  • [DATA_EXFILTRATION]: The skill accesses local .docx files to extract text and structure. This access is required for its functionality and does not involve unauthorized access to sensitive system directories or credentials. No network exfiltration of this data was observed.
  • [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it ingests untrusted data from document files to generate code. 1. Ingestion points: word/document.xml processed via scripts/extract_docx.py. 2. Boundary markers: None. 3. Capability inventory: scripts/extract_docx.py (file read), file writing for .tsx components, and shell command execution. 4. Sanitization: None; the agent is expected to manually structure the extracted text into provided templates. This is an expected risk surface for a document conversion skill.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns or untrusted external downloads were found. All provided scripts are local and use standard Python libraries.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:28 PM
Security Audit — agent-trust-hub — docx-to-web-publisher