Skills
skills/ocozyo/docs-to-wiki/docx-to-md/Gen Agent Trust Hub

docx-to-md

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the python-docx and anthropic Python packages from standard registries to function.
  • [COMMAND_EXECUTION]: The skill relies on the agent executing a provided Python script (scripts/docx_to_md.py) to handle the document parsing and image extraction.
  • [DATA_EXFILTRATION]: In standalone mode, the script sends extracted image data to the Anthropic API for analysis. This is a primary feature of the skill used for image description.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it extracts raw, unsanitized text from user-provided .docx files and places it directly into Markdown files that the agent is then instructed to read and process.
  • Ingestion points: The scripts/docx_to_md.py script reads content from untrusted external .docx files.
  • Boundary markers: The generated Markdown output does not include delimiters or protective instructions to help the agent distinguish between document content and its own instructions.
  • Capability inventory: The agent uses its Read, Edit, and Agent tools to interact with the produced Markdown and describe extracted images.
  • Sanitization: No filtering, escaping, or validation is performed on the text extracted from the source documents.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 12:06 PM