nano-pdf
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the `nano-pdf` package from the public Python Package Index (PyPI) during the installation phase.
- [COMMAND_EXECUTION]: The skill executes the `nano-pdf` command-line tool to perform file system operations, specifically editing PDF documents.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it transforms natural language instructions into document modifications. If an attacker provides these instructions via untrusted data (e.g., a summarized email or web page), they could potentially manipulate the resulting PDF output.
  - Ingestion points: The instruction string passed to the `nano-pdf edit` command.
  - Boundary markers: None identified in the skill definition.
  - Capability inventory: Modifies local PDF files via the `nano-pdf` CLI.
  - Sanitization: Not explicitly implemented in the skill wrapper.
Audit Metadata