markdown-linter-fixer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill installs markdownlint-cli2 via npm install -g. While this downloads code from a remote registry, the package is a well-known industry standard for markdown linting. Following the [TRUST-SCOPE-RULE], this is classified as LOW severity.
  • [COMMAND_EXECUTION] (SAFE): The skill uses Bash to execute markdownlint-cli2 commands. These actions are directly tied to the primary purpose of fixing documentation and are not used for malicious purposes.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted markdown data from the project.
      • Ingestion points: Reads *.md files via Glob and Read tools.
      • Boundary markers: None explicitly defined in the prompts to separate file content from instructions.
      • Capability inventory: Includes Bash, Write, and Edit which could be misused if linter output was successfully poisoned.
      • Sanitization: Not present; the skill relies on the linter's structured output but processes content through automated fixes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:35 PM