AGENT LAB: SKILLS

ocr-super-surya

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill installs the surya-ocr package from PyPI. While the repository datalab-to/surya is not in the trusted organizations list, this is a necessary dependency for the skill's primary OCR function. Following the primary purpose rule, the severity is downgraded to LOW.
  • EXTERNAL_DOWNLOADS (SAFE): The skill installs PyTorch components from download.pytorch.org. This is a trusted external source according to the security policy, making this specific download safe.
  • COMMAND_EXECUTION (LOW): The instructions prompt the execution of CLI tools like surya_ocr and a local script scripts/ocr_helper.py. While the helper script's content was not provided for auditing, this is standard behavior for a utility skill.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to process untrusted data from images and PDFs, which may contain malicious instructions meant to influence the AI's subsequent behavior.
      ◦ Ingestion points: image.png and document.pdf processed via the surya_ocr tool as described in SKILL.md.
      ◦ Boundary markers: None. The instructions do not specify delimiters or warnings for the agent to ignore text found within processed images.
      ◦ Capability inventory: The skill utilizes command-line execution (surya_ocr) and file system output (--output_dir).
      ◦ Sanitization: No sanitization or validation of the OCR'd text is evident in the provided documentation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:08 PM