peach-markitdown
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands for environment setup and file conversion. These operations use safe, list-based subprocess calls that prevent shell injection. Evidence found in scripts/convert_one.py and scripts/convert_folder.py.
- [EXTERNAL_DOWNLOADS]: During initialization, the bootstrap.sh script downloads and installs standard software packages including markitdown, python-hwpx, and lxml via pipx and uv. These are well-known libraries required for the skill's stated functionality.
- [DATA_EXFILTRATION]: The skill reads and writes files within directories specified by the user. There is no evidence of unauthorized data access, credential harvesting, or network exfiltration.
- [PROMPT_INJECTION]: As a document conversion tool, the skill processes untrusted external files. While the resulting Markdown output could contain instructions designed to influence downstream AI processing, the skill logic itself does not contain malicious instructions. Ingestion points: convert_one.py, convert_folder.py; Boundary markers: None; Capability: Subprocess conversion; Sanitization: None.
Audit Metadata