Skills
skills/anian0/pick-skills/md-to-visual/Gen Agent Trust Hub

md-to-visual

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted input files.
  • Ingestion points: The scripts/parse_md.py script reads and parses content from local Markdown files specified by the user.
  • Boundary markers: There are no delimiters or specific instructions to the agent to treat the parsed content as data only, increasing the risk that the agent might follow instructions embedded within the Markdown.
  • Capability inventory: The skill utilizes the pencil MCP tool (SKILL.md) to generate visual assets and has the ability to write files to the mdout/ directory.
  • Sanitization: The parsing script performs structural analysis but does not sanitize or filter the extracted text to remove potential prompt injection payloads.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 04:33 AM