PDF Processing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection surface detected.
- Ingestion points: PDF files are ingested via pdfplumber and pypdf in SKILL.md and FORMS.md.
- Boundary markers: Absent; there are no instructions to the agent to treat extracted text as untrusted or ignore embedded commands.
- Capability inventory: The skill includes file system writing operations which could be misused if the agent obeys instructions found within a document.
- Sanitization: Absent; the skill extracts raw text and table data without filtering for malicious patterns.
Audit Metadata