md-document
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches typography and syntax highlighting assets from well-known services (Google Fonts at fonts.googleapis.com and jsDelivr at cdn.jsdelivr.net). These connections are documented, serve a clear functional purpose, and use trusted industry providers.
- [SAFE]: The skill executes local Python scripts (markdown_parser.py, html_renderer.py, and interactivity_injector.py) for processing. These operations are restricted to the local environment and the skill's primary purpose of document generation.
- [SAFE]: markdown_parser.py implements basic HTML entity encoding (escaping of <, >, and &) to sanitize user-provided markdown content before it is rendered into the final HTML document.
- [SAFE]: Asset handling, such as embedding logos, is performed using local file reads and Base64 encoding within html_renderer.py, which avoids unnecessary external network traffic for branding assets.
Audit Metadata