paddleocr-doc-parsing
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No high-severity security vulnerabilities or malicious patterns were detected in the skill's code or instructions.
- [EXTERNAL_DOWNLOADS]: The smoke test utility performs a download of a sample image from a well-known vendor repository (Baidu/PaddlePaddle) to verify API connectivity and configuration.
- [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection when parsing external documents. \n
- Ingestion points: Untrusted content from files or URLs is processed by the
scripts/vl_caller.pyscript. \n - Boundary markers: The prompt template in
SKILL.mddoes not utilize strong delimiters or explicit 'ignore instructions' warnings for the extracted text. \n - Capability inventory: The agent has the ability to execute local helper scripts and communicate with the configured PaddleOCR API endpoint. \n
- Sanitization: No sanitization or filtering is performed on the text extracted from documents before it is displayed to the model.
Audit Metadata