Skills
skills/ian-pascoe/dotfiles/docx/Gen Agent Trust Hub

docx

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs runtime compilation and process injection to modify application behavior.
  • Script scripts/office/soffice.py writes C source code to a temporary directory and compiles it into a shared object (.so) file using gcc.
  • The resulting library is injected into the LibreOffice (soffice) process environment via the LD_PRELOAD environment variable.
  • This mechanism intercepts and redirects low-level system socket calls (socket, listen, accept, close) to facilitate document processing in restricted or sandboxed environments.
  • [COMMAND_EXECUTION]: The skill executes various system utilities to perform its primary tasks.
  • Uses subprocess.run to invoke gcc for compilation, git diff for version comparison, and soffice for document processing.
  • [EXTERNAL_DOWNLOADS]: The skill documentation requires the installation of external dependencies from public registries.
  • SKILL.md instructs the user to install the docx library globally via npm install -g docx.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 29, 2026, 03:30 AM