docx-to-md

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill transmits image data from processed documents to the Anthropic API to generate descriptions. This is an intended core feature and utilizes a well-known service.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external DOCX files and converts their content into Markdown.
      • Ingestion points: Reads .docx files via the python-docx library in scripts/docx_to_md.py.
      • Boundary markers: Image descriptions are prefixed with > **[图片]**, but there are no boundary markers or instructions to ignore embedded commands for the main document text or tables.
      • Capability inventory: The script performs network requests to the Anthropic API and writes converted files to the local file system.
      • Sanitization: Basic text processing (stripping whitespace) is performed, but there is no filtering or sanitization of potential prompt instructions contained within the document text.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 05:53 AM