doc-pipeline
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill specifies the installation of well-known and legitimate document processing libraries including python-docx, openpyxl, python-pptx, reportlab, and jinja2 via pip. It also references the author's official GitHub repository for documentation.
- [PROMPT_INJECTION]: The skill structure indicates a surface for indirect prompt injection. 1. Ingestion points: Document content from PDFs, images, and spreadsheets enters the context via the extraction stages described in SKILL.md. 2. Boundary markers: No explicit boundary markers or delimiters are defined to isolate untrusted document content from the AI's core instructions. 3. Capability inventory: The provided code snippets do not contain subprocess calls, eval/exec, file writes, or network operations; however, the skill defines a workflow where an AI model analyzes text extracted from external sources. 4. Sanitization: The skill does not describe or implement methods to sanitize or validate content extracted from external files before it is processed by the AI.
Audit Metadata