Security risk report for @forgecat/openai_skills_doc v0.0.10
Source Integrity
Low
Profile is attributed to OpenAI's official skills repository with a specific commit hash and Apache-2.0 license.
Metadata (author, original repository, version, commit date) is consistent with a legitimate upstream source.
Agent Intent
Low
Content describes a legitimate document-processing workflow using standard Python libraries (python-docx) and system tools (LibreOffice, Poppler).
No instructions to read credentials, exfiltrate data, ignore system prompts, or execute remote payloads.
Guidance on dependency installation and rendering is standard practice; no typosquatted packages, backdoored templates, or security-weakening directives.
Details
Evidence
Workflow section outlines normal DOCX editing and visual validation steps.
Dependencies list only well-known, legitimate packages: python-docx, pdf2image, libreoffice, poppler-utils.
Quality expectations focus on document fidelity and formatting correctness, not on manipulating the agent's behavior.
Permissions
Low
No tools or hooks are declared in the profile; no file_write, file_delete, shell, or web_fetch permissions are requested.
The skill is purely instructional guidance for how to use existing system tools and Python libraries when the user invokes document work.
Authority is scoped to the stated purpose: reading, creating, and editing DOCX files with visual validation.
Details
Evidence
'Declared tools' section is empty.
No MCP servers or tool definitions with alwaysApply or glob patterns.
Workflow steps reference user-initiated actions and standard library calls, not autonomous agent permissions.
MCP Risk
Low
No MCP servers are defined in the profile.
No hidden instructions in tool descriptions or arbitrary binary execution.
The profile is purely markdown documentation and does not instantiate any server-side agents or remote execution contexts.
Details
Evidence
'MCP servers' section is empty.
Content is static skill documentation, not a server configuration.