Skills
skills/yelban/baoyu-skills.tw/baoyu-markdown-to-html/Gen Agent Trust Hub

baoyu-markdown-to-html

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a TypeScript script (scripts/main.ts) using the bun runtime or npx to facilitate the conversion process.
  • [EXTERNAL_DOWNLOADS]: Downloads remote image assets from HTTP/HTTPS URLs specified within the input Markdown documents to local or temporary directories for inclusion in the HTML output.
  • [EXTERNAL_DOWNLOADS]: Communicates with the external PlantUML server (www.plantuml.com) to generate and fetch diagram images.
  • [REMOTE_CODE_EXECUTION]: Contains a utility function (loadAndRegisterLanguage) that can dynamically import syntax highlighting grammars from a third-party CDN (cdn-doocs.oss-cn-shenzhen.aliyuncs.com). While this code is present in the shared utility library, it is not part of the primary execution path for the CLI conversion tool.
  • [SAFE]: Reads user preferences and theme settings from EXTEND.md files located in standard configuration paths (e.g., ~/.config/baoyu-skills/ and $HOME/.baoyu-skills/).
  • [SAFE]: Implements a file backup mechanism that renames existing HTML files before creating new ones to prevent accidental data loss.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 10:59 AM