pandoc
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation explicitly states it automatically downloads and manages the Pandoc binary if it is missing from the system. This is a core feature of the x-cmd environment designed for automated tool setup.
- [COMMAND_EXECUTION]: The skill uses shell commands (x pandoc) to perform document format conversions and fetch external web content for processing.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface when fetching and converting content from untrusted external URLs.
  1. Ingestion points: Remote web content fetched via URLs (e.g., https://example.com) in SKILL.md.
  2. Boundary markers: No specific markers are used in the examples to isolate converted content from agent instructions.
  3. Capability inventory: The skill can execute subprocess commands and write to the local file system.
  4. Sanitization: The skill relies on Pandoc's internal parsing and does not specify additional sanitization for remote input.
Audit Metadata