Skills
skills/gusibi/skills/markitdown/Gen Agent Trust Hub

markitdown

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill automatically installs the markitdown package from the Tsinghua University PyPI mirror if it is not detected on the system.
  • [COMMAND_EXECUTION]: The script scripts/convert.py uses subprocess.check_call to run the pip package manager for dependency installation.
  • [PROMPT_INJECTION]: The skill processes untrusted documents, creating a surface for indirect prompt injection.
  • Ingestion points: scripts/convert.py reads data from files provided as CLI arguments.
  • Boundary markers: Absent; the skill does not implement delimiters to separate document content from agent instructions.
  • Capability inventory: scripts/convert.py has the ability to execute shell commands via subprocess.
  • Sanitization: Absent; document content is extracted and returned to the agent without filtering.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 04:52 AM