markdown-to-docx
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE [PROMPT_INJECTION] [DATA_EXFILTRATION]
Full Analysis
- [PROMPT_INJECTION]: Behavioral Overrides. The SKILL.md file includes instructions to the agent to ignore certain platform-specific instructions, which is a pattern used to override default agent behaviors.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill reads external markdown files which could contain malicious instructions aimed at the agent.
  - Ingestion points: scripts/lib/config-loader.cjs (reading markdown files).
  - Boundary markers: Absent. No specific delimiters or warnings to ignore embedded content.
  - Capability inventory: File system read/write access via the fs module in scripts/lib/converter.cjs and scripts/lib/output-handler.cjs.
  - Sanitization: Absent. Markdown content is processed without filtering for embedded instructions.
- [DATA_EXFILTRATION]: File Access Capabilities. The skill possesses tools to read and write files on the local filesystem. While these are necessary for its documented purpose, they represent a potential data exposure vector if used to access files outside the intended scope.
Audit Metadata