doc-smith-build
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs document building tasks using standard Node.js APIs and reputable libraries like markdown-it and yaml.
- [SAFE]: Security mitigations are implemented, such as disabling HTML parsing in the Markdown engine and escaping dynamic values in the HTML templates to prevent Cross-Site Scripting (XSS).
- [SAFE]: The build script includes path validation and checks for traversal sequences ('..') in resource URLs to ensure files are only written to and read from intended directories.
Audit Metadata