wechat-article
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to execute a Python script using a user-provided file path as an argument. This is a potential command injection vector if the agent does not properly sanitize the filename.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill requires standard Python packages (
markdown,beautifulsoup4,pygments) from PyPI, which is a trusted registry. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted Markdown data from the user. 1. Ingestion point:
input.mdfile contents. 2. Boundary markers: Not specified in instructions. 3. Capability: Local script execution via subprocess. 4. Sanitization: None described in the provided files for the markdown content itself.
Audit Metadata