Skills
skills/askyourpdf/ai-pdf-filler/ai-pdf-filler-cli/Gen Agent Trust Hub

ai-pdf-filler-cli

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the ai-pdf-filler package using tools like pip or uv. This package is a vendor-owned resource associated with the skill author, used to provide the simplicity-cli command.
  • [COMMAND_EXECUTION]: The skill's operation relies on executing simplicity-cli to perform form-filling tasks, check progress, and download completed documents. These are intended functional commands for this skill.
  • [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection because it processes external data from PDF files and URLs to fill forms.
  • Ingestion points: External PDFs and URLs are provided via the --form-file, --source-file, --form-url, and --source-url flags as described in SKILL.md.
  • Boundary markers: There are no explicit instructions or delimiters defined to prevent the model from interpreting content inside these external files as instructions.
  • Capability inventory: The agent can execute shell commands (simplicity-cli) and fetch remote content from provided URLs.
  • Sanitization: The skill does not mention any sanitization or validation logic for the content retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 09:00 AM