oma-hwp
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes
bunx kordoc@latestto dynamically fetch and execute the conversion tool from the NPM registry. This is a functional requirement for the skill's purpose and uses the standard Bun toolchain. - [COMMAND_EXECUTION]: Shell commands are used to invoke the converter and the post-processing script. The skill follows safety best practices by wrapping file path variables in double quotes within command templates to mitigate common shell injection risks.
- [DATA_EXFILTRATION]: Analysis of the source code and execution protocol shows that the skill reads local documents and writes results back to the local filesystem. No network operations targeting untrusted domains were identified.
- [PROMPT_INJECTION]: As the skill is designed to ingest and process untrusted binary documents (.hwp, .hwpx), it possesses an inherent attack surface for indirect prompt injection. However, the skill implements post-processing logic to strip Private Use Area (PUA) characters and sanitize table structures, which helps reduce the impact of malformed content.
Audit Metadata