docx-style-auditor

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Finding tags: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill extracts text from external .docx files and displays it to the agent, which is a vector for indirect prompt injection if the document contains instructions designed to manipulate the AI.
  • Ingestion points: The docx_style_auditor.py script opens the user-provided .docx file (a ZIP archive) and parses the word/document.xml entry inside it.
  • Boundary markers: None. The extracted text snippets are returned in a JSON structure without explicit delimiters or warnings to the agent to disregard instructions within the data.
  • Capability inventory: The skill is limited to local file system access (read/write) through its specific script; it lacks capabilities for network communication, shell execution, or privilege escalation.
  • Sanitization: There is no validation or sanitization of the text strings extracted from the OpenXML structure before they are presented to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 11, 2026, 04:06 PM
Security Audit — agent-trust-hub — docx-style-auditor