docx-to-markdown
Fail
Audited by Snyk on May 18, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 0.80). The prompt includes explicit meta-instructions unrelated to DOCX→Markdown conversion—e.g., mandatory task-tracking, a "strict execution contract", and automatic subagent (spawn_agent) authorization—that attempt to change agent behavior and grant permissions outside the skill's stated purpose, which constitutes a prompt-injection risk.
Issues (1)
E004
CRITICALPrompt injection detected in skill instructions.
Audit Metadata