markitdown
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the 'markitdown' Python package via pip. This is a legitimate document conversion utility developed and maintained by Microsoft.
- [PROMPT_INJECTION]: The skill is designed to parse and process untrusted data from various document formats and external URLs, which constitutes an indirect prompt injection attack surface.
  - Ingestion points: Local file paths and URLs provided to the markitdown CLI in SKILL.md.
  - Boundary markers: There are no instructions provided to the agent to use delimiters or ignore instructions embedded within the processed documents.
  - Capability inventory: The skill utilizes the 'Bash' tool, enabling the agent to execute shell commands and interact with the file system.
  - Sanitization: No explicit sanitization or content validation steps are defined for the converted output before it is integrated into the agent's context.
Audit Metadata