markdown-to-pdf

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute local system commands (command -v, pandoc, test) to verify tool availability and perform the file conversion. This is the intended behavior of the skill.
  • [COMMAND_EXECUTION]: There is a potential risk of command injection if the agent interpolates unsanitized user-provided file paths into the shell command templates (<INPUT_MD>, <OUTPUT_PDF>). Agents should ensure file paths are properly escaped or handled.
  • [EXTERNAL_DOWNLOADS]: The skill provides manual installation instructions for the user to fetch pandoc and LaTeX engines via official package managers (brew for macOS, apt for Linux). These are trusted, well-known services and the skill explicitly avoids automatic installation.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 15, 2026, 11:30 AM