gift-question-bank-pdf

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script render_gift_bank_pdf.py executes a local browser binary via subprocess.run to render HTML files into PDF format. This is a legitimate operation for its stated purpose.
  • [PROMPT_INJECTION]: The skill processes external files and supports raw HTML formatting via the [html] tag. Raw HTML support is a standard feature for rich formatting, but it also creates a surface for indirect prompt injection into the rendering engine.
    Ingestion points: User-provided GIFT files read by the Python script.
    Boundary markers: None; the script processes file contents directly.
    Capability inventory: Local file system access and headless browser execution.
    Sanitization: The script uses html.escape for most data but intentionally bypasses it for content explicitly marked with the [html] prefix.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 04:10 PM