pandoc-converter
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a workflow for the agent to construct and execute pandoc shell commands. It includes specific templates for PDF and Word output and batch conversion loops. The skill provides safety guidance, advising the agent to use double quotes for all file paths to mitigate shell injection risks.
- [NO_CODE]: The skill is composed entirely of Markdown instruction files (SKILL.md, README.md) and contains no executable scripts, binaries, or automated installation logic.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted input data.
  - Ingestion points: The skill reads and processes user-supplied documents (.md, .docx) and custom LaTeX templates (.tex) as described in the SKILL.md workflow.
  - Boundary markers: There are no instructions for the agent to use delimiters or specific ignore-rules for content found within the processed documents.
  - Capability inventory: The skill utilizes the agent's ability to execute the pandoc tool through a system shell.
  - Sanitization: While path quoting is recommended to prevent basic shell injection, the skill does not include methods to sanitize or filter the internal content of the documents or templates, which could potentially contain malicious instructions or macros.
Audit Metadata