pdf-vision-reader
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection risk surface detected. 1. Ingestion point: User-provided PDF files processed by
scripts/pdf_to_images.py. 2. Boundary markers: Absent in the workflow instructions. 3. Capability inventory: File read/write access and script execution capabilities. 4. Sanitization: Absent; the system does not filter or sanitize text found within images. - [Command Execution] (SAFE): The skill utilizes a local Python script and includes setup instructions for system dependencies via
sudo. These activities are aligned with the primary purpose and are not considered malicious.
Audit Metadata