Back to skill

Security audit

Word Docx Formatting Repair Helper

Security checks across malware telemetry and agentic risk

Overview

This skill is a text-only helper for Word/DOCX formatting workflows, with no evidence of hidden execution, data theft, or destructive behavior.

Reasonable to install for Word/DOCX formatting help. Be aware that its activation terms are broad, so it may appear on loosely related productivity requests; only provide sensitive document contents when they are actually needed for the task.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are broad, repetitive, and partially truncated, which increases the chance that the skill activates for loosely related requests instead of clear user intent. In an agent environment, over-broad activation can route users into the wrong workflow, cause inappropriate handling of documents, and create opportunities for prompt/skill confusion even though the README does not itself contain direct code execution or data exfiltration behavior.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger phrases are so generic that they can match ordinary productivity requests well beyond the skill’s intended scope, increasing the chance of unintended invocation. In an agent setting, over-broad routing can cause the wrong skill to handle user input, leading to confusing behavior, inappropriate actions, or unnecessary exposure of user document content to a less relevant workflow.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill description and activation scope are broad enough to match many ordinary productivity requests, which increases the chance the skill is invoked outside its intended niche. Over-broad routing can cause unintended instruction injection into unrelated conversations, reducing least-privilege isolation between skills and creating opportunities for prompt-scope confusion.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The keyword triggers are highly generic terms such as 'styles', 'automation', and 'find replace', which are common across many benign requests and unrelated domains. This makes accidental or overly eager invocation more likely, potentially exposing users to irrelevant skill instructions and weakening safe skill-selection boundaries.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger keywords are broad, generic productivity terms such as 'work-productivity', 'microsoft word', 'document formatting', and 'automation', which can overlap with many ordinary user requests. This can cause the skill to activate outside its intended scope, leading to misrouting, irrelevant guidance, or accidental overshadowing of more appropriate skills.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The example trigger phrases are highly generic ('Help me...', 'I need a practical workflow...') and largely restate broad demand text rather than defining clear activation boundaries. In a skill-routing system, such vague examples can increase false activations and make normal help-seeking language incorrectly match this skill.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill enables implicit invocation, but the metadata does not define a narrowly scoped trigger boundary. That creates a risk that ordinary conversation about document editing, formatting, or productivity could auto-route to this skill unexpectedly, causing unintended tool selection or disclosure of context to the skill when the user did not explicitly request it.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The default prompt uses very broad, everyday phrasing such as work-productivity, Microsoft Word, document formatting, styles, and implementation support. This makes accidental activation more likely across many normal user requests, expanding the skill's effective scope beyond a well-defined task and increasing the chance of unintended invocation.

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger sentence begins with a very broad everyday phrase ('Help me') and then appends the requirement text, which creates weak activation boundaries. In agent environments, broad triggers can cause the skill to activate unintentionally on many unrelated user requests, increasing the chance of prompt-routing errors, context hijacking, or inappropriate use of the skill when a narrower tool should handle the task.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger sentence ('I need a practical workflow for ...') is ambiguous because 'practical workflow' is generic and not uniquely associated with Word or DOCX formatting repair. This ambiguity can lead to accidental invocation for unrelated productivity tasks, causing misrouting and creating an opportunity for adversarial or malformed prompts to steer the agent into the wrong skill context.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.