markdown-document-structurer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local Python script (
scripts/analyze_structure.py) to perform structural analysis on markdown documents. This is a core part of its intended functionality and uses standard library modules. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted markdown content provided by the user to reorganize and improve it.
- Ingestion points: The agent reads the content of the target markdown file directly and also passes the file path to
scripts/analyze_structure.py. - Boundary markers: The instructions do not define clear boundaries or delimiters to separate user data from system instructions, nor do they include warnings for the agent to ignore instructions embedded within the document being restructured.
- Capability inventory: The skill can read local files and generate modified text based on those files. It does not perform network operations or use dangerous execution functions like
eval(). - Sanitization: There is no evidence of sanitization or filtering of the input content before the agent processes it for restructuring.
Audit Metadata