pdf-generation
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions for installing
pandoc,weasyprint, andpango. These are standard, well-known software tools from trusted package registries. - [COMMAND_EXECUTION]: The
generate-pdf.shscript executespandocandweasyprintas part of its core functionality to transform markdown documents into styled PDF files. - [SAFE]: Analysis of the indirect prompt injection surface shows that the skill processes local markdown files. * Ingestion points: Markdown files (README.md, *.md) located within the directory specified by the user. * Boundary markers: None; files are processed sequentially. * Capability inventory: Reading local markdown files, writing PDF files, and executing the
pandocandweasyprintbinaries. * Sanitization: Content is processed through standard transformation tools; the script performs automated link rewriting but does not alter the source markdown content.
Audit Metadata