document-converter
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external documents, which may contain hidden instructions intended to influence the AI's behavior.\n
- Ingestion points: Local files and remote URLs converted via the
convert_to_markdowntool and the CLI as described inSKILL.md.\n - Boundary markers: None specified; there are no instructions to the agent to treat extracted content as untrusted or to ignore embedded commands.\n
- Capability inventory: Uses shell command execution and local file read access to process documents.\n
- Sanitization: There is no description of content sanitization or validation during the conversion process.\n- [EXTERNAL_DOWNLOADS]: Fetches and installs the
markitdownandmarkitdown-mcppackages from PyPI to enable document conversion.\n- [COMMAND_EXECUTION]: Provides detailed instructions for the agent to run themarkitdowncommand-line utility for local processing.\n- [DATA_EXFILTRATION]: The conversion tool includes native functionality to download and process document content from remote HTTP/HTTPS URLs.
Audit Metadata