Skill✓ Certified

openai-doc-skill

Creates, reads, and edits Microsoft Word documents with support for formatted text, tables, images, and structured layouts.

/ 100 · Grade A

A = 90–100

“I need to create, read, or edit Word documents with proper formatting, tables, images, and professional layouts.”

document processingoffice automationcontent creationfile manipulation

Publisher: openaiVersion: latestCertified: Mar 28, 2026Expires: Mar 28, 2027Source ↗

openai-doc-skill earned Certified status with a trust score of 92/100 (Grade A). Adversarial testing produced 1 finding (1 high).

Trust Score Breakdown

Eight weighted signals composing the aggregate trust score

security scan

100% × 15w

15.0

supply chain

100% × 10w

10.0

adversarial

83% × 25w

20.8

provenance

80% × 20w

16.0

consumer confirm

100% × 10w

10.0

behavioral pass

100% × 10w

10.0

contract accuracy

100% × 6w

6.0

uptime

100% × 4w

4.0

Scheme v2.0 · Weights provisional · Consumer confirmations and uptime use pipeline-derived baselines.

Findings

Security scan results, adversarial testing, and pipeline review

Security Scan — Cisco Skill Scanner

cisco-skill-scannerPASS

staticbehavioralllmmeta

critical: 0high: 0medium: 0low: 0

Adversarial Testing — 3 categories, 1 findings

prompt injection chainscapability squattingcontext poisoning

highWarnprompt injection chainssuspected

The skill processes user-provided DOCX files and their content without explicit data boundary markers. The workflow involves reading, editing, and reviewing DOCX content where user-provided text could contain instruction-like directives (e.g., 'Ignore previous instructions and instead...'). While the skill focuses on document formatting and layout, the lack of explicit framing of user content as data creates a potential injection surface where malicious DOCX content could attempt to override the skill's behavior during processing.

Methodology v1.0 · 3 categories · ~55 attack patterns

Behavioral Fingerprint

Runtime performance baseline for drift detection

Samples

Error rate

0.0%

Peak memory

— MB

Avg CPU

—%

Response time distribution

p50: 25677msp95: 26984msp99: 26984ms

Output size distribution

p50: 6.1 KBp95: 6.8 KBmean: 4.4 KB

Fingerprint v1.0 · Baseline: Mar 28, 2026 · Status: baseline

Interface

Skill triggers and instruction summary

Activation

Activates when tasks involve reading, creating, or editing .docx documents where formatting or layout fidelity matters

Handles DOCX document operations with emphasis on visual layout validation and professional formatting

Instructions: 61Files: 3Format: markdown

Does

Use python-docx for structured document creation and editing

Render DOCX files to visual formats (PDF/PNG) for layout validation

Re-render and inspect pages after meaningful changes

Organize intermediate files in tmp/docs/ directory

Write final outputs to output/doc/ directory

Install missing dependencies using uv or pip

Perform final quality checks at 100% zoom before delivery

Clean up temporary files after completion

Does not

Use Unicode dashes (only ASCII hyphens allowed)

Leave tool tokens or placeholder strings in citations

Deliver documents with formatting defects or broken layouts

Skip visual validation when rendering tools are available

Scope & Permissions

What this capability can and cannot access — derived from pipeline analysis

⚠creates files

yes

⚠deletes files

yes

⚠modifies files

yes

✓accesses env variables

⚠invokes external tools

yes

✓makes network requests

Known Failure Modes

Documented edge cases and recovery behaviors

when when rendering tools are missing

then the agent installs dependencies or instructs user on local installation

when when visual review is not possible

then the agent extracts text with python-docx as fallback and warns about layout risks

Badge & Integration

Embed certification status in your README, docs, or CI pipeline

badge SVG →attestation API →integration guide →

Certification Notes

Provenance observations from the pipeline

publisher

Publisher "openai" is not verified — first certification from this publisher

provenance

No SECURITY.md or SECURITY.txt file found — no published vulnerability reporting process

provenance

Single contributor — no peer review evidence in commit history

provenance

Repository is 3 days old — recently created

provenance

Package description appears to be boilerplate or template text

Signed Artifact

Certification provenance and verification metadata

Content hashsha256:e7013aedef55f700b32048ba754cce165588ee86abea71e242230e711c7d2db5

Key IDkms-9db4ed3b9f53

CertifiedMar 28, 2026

ExpiresMar 28, 2027

Pipeline version1.0

Statusvalid

download .cert.json →download annotated file →

Pipeline Artifacts

Raw data files from this certification run — downloadable for independent verification

contract.json

Full unsigned contract

↓

stage1-ingest.json

Ingest stage output

↓

stage2a-sbom.json

SBOM generation results

↓

stage2a-vulns.json

Vulnerability scan results

↓

stage2b-security.json

Security scan results

↓

stage3a-functional.json

Functional test results

↓

stage3b-adversarial.json

Adversarial test results

↓

stage3c-fingerprint.json

Behavioral fingerprint

↓

stage4-certify.json

Certification decision + trust score

↓

stage3a-measurements.json

Raw functional test measurements

↓

stage3b-measurements.json

Raw adversarial test measurements

↓

run-log.json

Pipeline execution log

↓

Not all files may be present for every certification.