PDF Processing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill is designed to process external PDF files, which is its primary function. While processing untrusted documents creates a potential surface for indirect prompt injection, the implementation follows standard practices without unsafe interpolation or execution of the extracted content.
- External Downloads (SAFE): The skill mentions common PDF processing libraries available through standard package managers. No unverified or remote scripts are downloaded or executed.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or attempts to access sensitive system files or network resources were found. The skill performs local file operations restricted to the provided PDF documents.
Audit Metadata