markdown-formatting
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill recommends installing the 'markdownlint' package via npm or pnpm. While this is a standard and well-known development utility, it involves downloading and installing third-party software.
- [Indirect Prompt Injection] (LOW): The skill is designed to read and process markdown and MDX files, which are untrusted external data sources that could contain hidden instructions aimed at the agent.
- Ingestion points: Markdown and MDX files identified via the 'Glob' tool.
- Boundary markers: Absent; there are no specific instructions to the agent to ignore content within the files it is linting.
- Capability inventory: 'Bash', 'Edit', 'Read', 'Grep', and 'Glob', allowing for command execution and file modification.
- Sanitization: Absent; the skill does not specify any sanitization of the markdown content before processing.
Audit Metadata