skills/hjewkes/agent-skills/md-render/Gen Agent Trust Hub

md-render

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The template includes a script reference to the Mermaid.js library hosted on the jsDelivr CDN (cdn.jsdelivr.net) to provide diagram rendering capabilities.
  • [COMMAND_EXECUTION]: The bash script uses open or xdg-open to launch the generated HTML file in the user's default web browser.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it renders markdown content with HTML support enabled.
      • Ingestion points: Reads markdown data from local files or standard input via the md-render shell script.
      • Boundary markers: No explicit delimiters or instructions are provided to the model to ignore embedded commands within the processed markdown content.
      • Capability inventory: The skill has the ability to write to the local filesystem and execute system commands to open a web browser.
      • Sanitization: The markdown-it renderer is configured with html: true, allowing raw HTML and potential scripts within the input markdown to be included in the final rendered output.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 23, 2026, 03:46 PM