docx

Warn

Audited by Snyk on Jun 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). In the “Redlining workflow” the runtime path pandoc --track-changes=all path-to-file.docx -o current.md converts the (potentially outsider-authored) DOCX body text into markdown, which is then ingested by the agent for review/edits—i.e., free text from an outsider document enters the LLM context.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The prompt explicitly instructs installing system packages with "sudo apt-get install" (and other global installs), which encourages privilege escalation and modifying the host system state.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 06:06 AM
Issues
2
Security Audit — snyk — docx