skills/hmbown/codewhale/documents/Gen Agent Trust Hub

documents

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides instructions for professional document creation and editing using established libraries and tools.
  • [SAFE]: A safety-first approach is mandated for dependency management, requiring the agent to seek user confirmation before package installation.
  • [COMMAND_EXECUTION]: The skill uses tools like unzip and pandoc to interact with document files. These tools are used for their intended purpose (manipulating OOXML and file conversion) and do not pose a security risk.
  • [PROMPT_INJECTION]: The skill operates on external .docx files, which constitutes a surface for indirect prompt injection. The risk is considered low/safe due to the absence of network access or persistent system modification capabilities.
      • Ingestion point: SKILL.md (workflow for document editing).
      • Boundary markers: Absent.
      • Capability inventory: File system writes via python-docx and unzip.
      • Sanitization: Absent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 18, 2026, 02:30 AM