Skills
skills/tentacle-pro/skills/baoyu-markdown-to-html/Gen Agent Trust Hub

baoyu-markdown-to-html

Fail

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]:
  • The skill includes a function loadAndRegisterLanguage in scripts/md/utils/languages.ts that constructs a URL for a remote CDN (cdn-doocs.oss-cn-shenzhen.aliyuncs.com) and uses the import() statement to execute the fetched JavaScript code at runtime.
  • This pattern allows for the execution of arbitrary remote code if the language name parameter is manipulated or the third-party CDN is compromised.
  • [EXTERNAL_DOWNLOADS]:
  • The downloadFile function in scripts/main.ts is configured to download images from any URL provided in the markdown content and save them to the local filesystem.
  • This behavior can be exploited for Server-Side Request Forgery (SSRF) or to place malicious files onto the host system.
  • [DATA_EXFILTRATION]:
  • The PlantUML extension in scripts/md/extensions/plantuml.ts transmits document content contained in diagram blocks to an external third-party server (https://www.plantuml.com) for rendering.
  • This involves sending potentially sensitive user data to an external service without clear data privacy boundaries.
  • [COMMAND_EXECUTION]:
  • The core script in scripts/main.ts performs extensive file system operations, including reading, writing, and renaming files based on user-provided input paths and environment variables.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 13, 2026, 08:55 AM