ocr-document-processor

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements legitimate OCR functionality for images and PDFs using well-known and reputable libraries including pytesseract, PyMuPDF, and OpenCV.
  • [SAFE]: No network operations, credential harvesting, or remote code execution patterns were detected. The skill interacts exclusively with the local file system to read source documents and save extracted output.
  • [PROMPT_INJECTION]: Identified a potential surface for indirect prompt injection as the skill processes content from untrusted external files (images and PDFs).
      1. Ingestion points: External document files loaded via the OCRProcessor class in scripts/ocr_processor.py.
      2. Boundary markers: Absent; the skill returns raw extracted text to the agent without specific delimiters or instructions to ignore embedded commands.
      3. Capability inventory: Limited to local file system writes in scripts/ocr_processor.py; no network access or system command execution tools are present.
      4. Sanitization: Extracted text is processed via regular expressions for specific fields (receipts/business cards) but the full text is returned without sanitization.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 8, 2026, 01:17 PM