docx

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill demonstrates a strong security posture for document processing.
  • [SAFE]: Employs defusedxml consistently across all Python scripts for XML parsing and manipulation. This is a critical security measure that mitigates XML External Entity (XXE) vulnerabilities and XML bomb attacks commonly associated with Office Open XML (OOXML) processing.
  • [SAFE]: Includes an extensive validation framework in ooxml/scripts/validation/. This system uses official ISO-IEC 29500-4 XSD schemas and custom redlining validators to ensure document integrity and structural compliance before and after manipulation.
  • [COMMAND_EXECUTION]: Uses subprocess.run to call system utilities such as soffice (LibreOffice), git, and pandoc. These calls are implemented securely using list-based arguments without shell invocation (shell=False default) and are limited to specific validation, conversion, and comparison tasks essential to the skill's primary purpose.
  • [SAFE]: No evidence of credential exposure, data exfiltration, or obfuscation was found. All file operations are localized to the provided directory and temporary system paths.
  • [SAFE]: Indirect prompt injection surfaces are managed by extracting text through pandoc and using structured DOM manipulation for edits, which reduces the likelihood of unintended instruction execution compared to raw text processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — docx