md-to-docx-template
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill directs users to clone from 'https://github.com/jonnyschneider/skills.git'. This repository is not part of the trusted organization or repository list, making the source code unverifiable.
- COMMAND_EXECUTION (LOW): The tool relies on 'pandoc' and 'rsvg-convert' for core functionality. These system binaries are invoked on untrusted user input, which can lead to unexpected behavior if specific engine features are exploited.
- INDIRECT_PROMPT_INJECTION (MEDIUM): The skill processes untrusted Markdown and YAML data (Ingestion points: input.md, manifest.yaml). There are no visible boundary markers or sanitization steps to isolate user-provided content from the formatting engine (Sanitization: Absent). Given the capability to modify and write DOCX files (Capability inventory: fix-fonts.py, fix-table-headers.py, fix-list-indent.py), an attacker could craft inputs that exploit document processing vulnerabilities or include local files via the underlying Pandoc engine.
Audit Metadata