Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements PDF processing using established libraries and follows a structured workflow with local scripts for form handling. No indicators of malicious activity, data exfiltration, or harmful command execution were found.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it extracts content from untrusted PDF documents. Ingestion points: Text extraction snippets in
SKILL.mdand form field extraction inscripts/extract_form_field_info.py. Boundary markers: None explicitly defined in the provided instructions for processing extracted data. Capability inventory: File writing and script execution across thescripts/directory. Sanitization: No evidence of content sanitization prior to presentation to the agent. - [SAFE]: The script
scripts/fill_fillable_fields.pyperforms a monkeypatch on thepypdflibrary to resolve a specific known issue with selection list formatting. This is an intended functionality for accurate form filling.
Audit Metadata