docx-processing-lawvable
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use shell commands including mkdir, echo, grep, and code to create project structures and communicate with the SuperDoc VS Code extension.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it ingests untrusted content from Word documents and possesses file system and shell execution capabilities.
- Ingestion points: Document text is read into the agent context via the getText command described in SKILL.md.
- Boundary markers: There are no specific delimiters or instructions provided to isolate ingested document content from the agent's core instructions.
- Capability inventory: The agent can create directories (mkdir), write files (echo), and execute shell commands (code).
- Sanitization: The workflow does not include any validation or sanitization of the data retrieved from document files.
Audit Metadata