conversation-json-to-md-cn
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script
scripts/convert_conversations.pyto process user-provided JSON files. The script uses standard Python libraries (json, pathlib, re) to perform its tasks safely within the local filesystem. - [PROMPT_INJECTION]: The skill processes untrusted chat logs, which creates an indirect prompt injection surface. 1. Ingestion points:
scripts/convert_conversations.pyreads data from a user-specified JSON file path. 2. Boundary markers: The script uses Markdown headers (e.g., ## Question, ### Answer) to structure the output but does not wrap content in specialized security delimiters or warning blocks. 3. Capability inventory: The script is limited to reading the input file and writing Markdown files to a user-provided directory; it has no network or additional subprocess capabilities. 4. Sanitization: Filenames are sanitized via regular expressions to remove illegal characters and prevent path traversal during file creation.
Audit Metadata