md2word

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The module scripts/chart_handler.py utilizes subprocess.run to invoke the mmdc (Mermaid CLI) tool for diagram rendering. The implementation follows security best practices by constructing the command as a list of arguments, effectively mitigating shell injection risks.
  • [EXTERNAL_DOWNLOADS]: The md2word.py script contains a download_external_image function that uses urllib.request to retrieve images from external URLs provided in Markdown documents. This network activity is documented and necessary for the core functionality of embedding remote assets into generated documents.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 1, 2026, 03:11 AM