markdown-exporter
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the `pypandoc` library to perform high-fidelity document conversions. This library works by executing the `pandoc` binary on the host system. This is the intended and documented behavior of the tool for converting formats like DOCX and PPTX.
- [EXTERNAL_DOWNLOADS]: The skill specifies `pypandoc-binary` as a dependency. This package is known to download the `pandoc` executable during the installation phase if it is not already present on the system. This is a standard installation procedure for this library and does not represent a runtime security risk.
- [INDIRECT_PROMPT_INJECTION]: As a tool that processes and transforms Markdown text, it has an inherent surface for indirect prompt injection if the input contains malicious instructions designed to be interpreted by an LLM in subsequent steps of a workflow.
  - Ingestion points: The `md_text` parameter, which is the primary input for all conversion tools (e.g., in `tools/md_to_pdf/md_to_pdf.yaml`).
  - Boundary markers: Not present; the tool processes the provided Markdown text directly without wrapping it in specific security delimiters.
  - Capability inventory: The skill has the capability to write various file formats to the local filesystem and generate HTML text strings.
  - Sanitization: The skill includes utility functions to remove reasoning content (e.g., `<think>` tags) and normalize line breaks, but it does not perform deep sanitization of the Markdown content itself, which is standard for conversion utilities.
Audit Metadata