PDF Text Extraction
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation instructions include a command to download and install the asta-plugins package directly from the vendor's official GitHub repository (github.com/allenai/asta-plugins.git). This is a legitimate operation for acquiring the necessary CLI tools from the skill's author.
- [PROMPT_INJECTION]: The skill facilitates the processing of external, potentially untrusted PDF documents. This introduces a surface for indirect prompt injection where malicious instructions embedded in a PDF could attempt to influence the agent's behavior during or after extraction.
  - Ingestion points: PDF files loaded from local paths or S3 buckets via the asta pdf-extraction command.
  - Boundary markers: The skill does not explicitly define or enforce boundary markers (e.g., XML tags or delimiter strings) in its usage examples to separate extracted text from instructions.
  - Capability inventory: The skill utilizes Bash for CLI operations and file management (mv, cp), along with Read and Write access to specific directories.
  - Sanitization: No sanitization or filtering of the extracted text is performed by the skill itself; the raw output is provided to the workspace or the agent.
Audit Metadata