multimodal-parser

What to consider before installing/using: - Trust & origin: the package has no homepage and an unknown source; run it only if you trust the author or after reviewing the code (you have the code). - Permissions & sandboxing: the skill uses Deno to run subprocesses and read files. Grant it only the minimal filesystem and subprocess permissions, or run in a sandbox/container. - Dependencies: it requires external CLI tools (tesseract, pdftotext/poppler, pandoc, whisper, ffmpeg). Install those from official package repositories to avoid malicious binaries. - Network/supply-chain: the code imports zod from deno.land at runtime — this fetch is expected but is a supply-chain/network fetch; if you need offline assurance, vendor the dependency or audit the fetched module. - Data sensitivity: the skill processes user-provided files locally and does not appear to transmit results externally, but avoid testing on highly sensitive files until you confirm runtime permissions and behavior in your environment. - Sanity checks: test on non-sensitive sample files first; verify produced outputs and any error messages. If you need stronger assurance, run the code in an isolated VM and/or review and pin remote dependency versions.