md-to-docx
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script
convert_md_to_docx.pyusessubprocess.run()to execute thepandocsystem utility. This is the primary mechanism for document conversion. The implementation follows security best practices by passing arguments as a list and avoiding the use ofshell=True, which prevents common command injection vulnerabilities.\n- [EXTERNAL_DOWNLOADS]: The skill requires external dependencies including thepandocbinary and thepython-docxPython package. The documentation provides clear instructions for installing these through official package managers likebrew,apt-get, andpip. These are standard requirements for the skill's documented functionality.\n- [DATA_EXFILTRATION]: No evidence of unauthorized data exfiltration or network activity was found. The skill's file operations (reading markdown and writing Word documents) are confined to the paths provided by the user or agent during the conversion process.
Audit Metadata