md-to-pdf
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
subprocess.runto execute local helper scripts (illustration-generator and document-interpreter). The execution is performed safely by passing arguments as a list rather than a shell string, which prevents command injection vulnerabilities. - [DATA_EXFILTRATION]: There are no network calls or operations that could result in data being sent to external servers.
- [EXTERNAL_DOWNLOADS]: The skill does not download any external code or dependencies at runtime.
- [PROMPT_INJECTION]: The skill instructions in
SKILL.mdare purely functional and do not contain any patterns attempting to override agent behavior or bypass safety filters. - [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied Markdown files. While these files are passed to other internal skills (like an illustration generator) which might involve AI processing, this is a standard document processing workflow and does not pose a high risk of malicious instruction execution given the current capabilities.
- Ingestion points: Reads local Markdown files provided as arguments in
scripts/convert.py. - Boundary markers: None used when passing file content to the illustration generator.
- Capability inventory: Uses
subprocess.runto execute local scripts and write PDF files to the disk. - Sanitization: None observed for the input file content, but it is processed as a data file for conversion.
Audit Metadata