file-conversion
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill facilitates the transmission of user-provided file contents to an external service (
changethisfile.com) for the purpose of format conversion. This behavior is clearly documented as the skill's primary function. - [EXTERNAL_DOWNLOADS]: After processing, the skill retrieves the converted files from a service-provided URL. The script includes checks to ensure the download is successful and the resulting file is not empty.
- [COMMAND_EXECUTION]: The skill executes a bundled shell script (
scripts/convert.sh) that utilizes common system utilities. The script implements defensive coding practices, including: - Validation of the target format string to allow only alphanumeric characters.
- Path traversal protection for the output file path, rejecting absolute paths and parent directory references (
..). - Safe handling of large file contents using temporary files and Base64 encoding to avoid shell argument length limits.
- Secure JSON construction using
jqwhen available, with a sanitized fallback mechanism. - [INDIRECT_PROMPT_INJECTION]: The skill processes content from external files, which introduces a surface for indirect prompt injection if the agent subsequently interprets the contents of the converted files as instructions.
- Ingestion points: User-provided input files processed by
scripts/convert.shor the MCP tool. - Boundary markers: The skill does not explicitly define markers for the data returned from the service.
- Capability inventory: The skill can execute shell commands (
scripts/convert.sh), write to the local filesystem, and perform network requests. - Sanitization: The script rigorously sanitizes all metadata and path inputs to prevent exploitation of the execution environment.
Audit Metadata