Skills
skills/mathews-tom/praxis-skills/md-to-pdf/Gen Agent Trust Hub

md-to-pdf

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/md_to_pdf.py executes several external binaries including pandoc, node, and mmdc (Mermaid CLI) using subprocess.run. While it uses list-based arguments, the execution of external tools is a core part of its functionality.
  • [COMMAND_EXECUTION]: The setup script scripts/setup.sh uses sudo to install system-level dependencies via apt-get and runs the playwright install chromium command.
  • [EXTERNAL_DOWNLOADS]: The scripts/setup.sh script downloads and installs software packages from official package registries including APT, NPM, and PyPI.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted markdown files provided by users.
  • Ingestion points: User-provided markdown files are read in scripts/md_to_pdf.py and passed to conversion utilities.
  • Boundary markers: None identified in the processing pipeline.
  • Capability inventory: Includes execution of external binaries via subprocess.run and browser control via the Playwright library.
  • Sanitization: No explicit sanitization or validation of the input markdown content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 01:27 AM
Security Audit — agent-trust-hub — md-to-pdf