ocr-super-surya

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches dependencies including surya-ocr from PyPI and specific torch builds from the official PyTorch repository (download.pytorch.org), which are well-known and trusted software sources.
  • [COMMAND_EXECUTION]: Provides standard command-line instructions for verifying GPU availability, installing necessary packages, and executing the OCR helper script.
  • [PROMPT_INJECTION]: The skill processes untrusted input documents, creating a surface for indirect prompt injection if the extracted text is processed by an agent without further validation.
      • Ingestion points: Functions ocr_image, ocr_pdf, and ocr_batch in scripts/ocr_helper.py read content from user-specified file paths.
      • Boundary markers: Absent; extracted text is returned as a raw string without delimiters or warnings to ignore embedded instructions.
      • Capability inventory: The skill reads local files and outputs their contents via scripts/ocr_helper.py; it also modifies local environment variables for memory management.
      • Sanitization: No filtering or sanitization is performed on the text extracted from images or PDFs before it is returned to the agent context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 25, 2026, 10:24 PM