markdown-to-msword-converter

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute local Python scripts (md_to_docx.py, run_bulk_md_to_docx.py, verify_docx.py) using the Bash tool as part of its core conversion workflow.
  • [EXTERNAL_DOWNLOADS]: The documentation references dependencies on Python packages (pypandoc, markdown, docx) and the pandoc system-level binary. These are common and standard tools for document processing.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted Markdown files from the environment.
      • Ingestion points: Untrusted Markdown data is read for processing as defined in the Phase 1 engine execution of SKILL.md.
      • Boundary markers: Absent; the instructions do not provide delimiters or warnings for the agent to ignore instructions embedded in the source Markdown.
      • Capability inventory: The skill uses Bash, Read, and Write tools (configured in SKILL.md) to perform file operations and script execution.
      • Sanitization: Absent; the skill relies on the integrity check script verify_docx.py after conversion rather than sanitizing input data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 08:59 PM