Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions targeting agent behavior modification or safety bypasses were identified.\n- [Data Exposure & Exfiltration] (SAFE): The skill focuses on local file processing without hardcoded credentials or unauthorized network exfiltration.\n- [External Downloads] (SAFE): References to common packages like pypdf, pdfplumber, and reportlab are standard for the skill's stated purpose and come from trusted ecosystems.\n- [Indirect Prompt Injection] (SAFE): The skill facilitates the processing of potentially untrusted PDF content, which is an inherent risk of its functionality rather than a malicious design.\n
- Ingestion points: PDF content is read using
PdfReader,pdfplumber, and OCR inSKILL.md.\n - Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the examples.\n
- Capability inventory: The skill uses file-writing capabilities and standard system utilities (qpdf, pdftk).\n
- Sanitization: No explicit sanitization of extracted text is shown in the instructional snippets.
Audit Metadata