Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's functionality is consistent with its stated purpose of PDF manipulation. It relies on reputable open-source libraries and standard system utilities.
- [COMMAND_EXECUTION]: The guide includes examples for using common PDF command-line tools like
qpdf,pdftotext, andpdftk. These are used for standard operations such as merging, splitting, and rotating pages. - [DATA_EXPOSURE]: The skill involves processing external data (PDF files), which constitutes a potential surface for indirect prompt injection. This is inherent to the nature of PDF processing tools.
- Ingestion points: The skill extracts text and images from local PDF files using
pypdf,pdfplumber, andpytesseract(SKILL.md). - Boundary markers: Not present in the provided code snippets; extracted data is processed directly.
- Capability inventory: The skill can generate and write new PDF or Excel files to the local file system using
reportlab,pypdf, andpandas. - Sanitization: No explicit sanitization of extracted PDF text is performed before processing.
Audit Metadata