addon-pdf-preprocess-page-artifacts
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill describes a preprocessing worker that downloads and processes raw PDF files from object storage (SKILL.md).
- Boundary markers: Structural markers such as
<!-- PAGE:X -->are used for organization, but the skill lacks security-focused delimiters or instructions to prevent the agent from obeying commands embedded within the extracted PDF text. - Capability inventory: The workflow involves writing extracted markdown and metadata to the
document_pagestable and updating document statuses. - Sanitization: There is no requirement or implementation logic provided for sanitizing or validating the extracted text content before persistence or downstream consumption.
Audit Metadata