docx

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute several external utilities including pandoc, libreoffice, antiword, and unzip for document processing and conversion. It also executes Python logic through shell heredocs.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core function of extracting text from untrusted external files.
      • Ingestion points: Processes external .docx, .doc, and .json files via python-docx, pandoc, and json.load in SKILL.md.
      • Boundary markers: There are no explicit delimiters or system instructions provided in the snippets to prevent the agent from following instructions embedded within the processed documents.
      • Capability inventory: The skill utilizes Bash for command execution and Write for file creation, which could be abused if an injected instruction is executed.
      • Sanitization: While the security notes suggest sanitizing input, the provided code examples do not implement any escaping or validation for the extracted text content.
  • [EXTERNAL_DOWNLOADS]: The skill documentation lists dependencies like pandoc, libreoffice, and the python-docx library. These are well-known, standard tools fetched from official package registries (PyPI, APT, Homebrew) and are considered safe for the intended document processing use-case.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 07:45 PM
Security Audit — agent-trust-hub — docx