markitdown

The skill targets a reasonable document-to-Markdown conversion capability and demonstrates a straightforward data flow from local inputs to local outputs. The main security concern is the reliance on an external dependency installation from an unspecified mirror source on first run, which could introduce supply-chain risk if the source is untrusted. If the mirror/source is clearly identified, pinned, and verifiable (e.g., official registry with checksums), the footprint remains benign and proportional to the stated purpose.