pdf-to-markdown
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill contains specific directives in the 'IMPORTANT Task Planning Notes' section that instruct the agent to plan in small steps and perform a final review. This is an attempt to override the agent's default operational behavior.
- [INDIRECT_PROMPT_INJECTION] (LOW): As the skill parses external PDF documents, it is vulnerable to indirect prompt injection where malicious instructions inside a PDF could be interpreted by the agent.
- Ingestion points: PDF file input via the conversion script.
- Boundary markers: Absent.
- Capability inventory: Bash execution of the conversion script, File Read, and File Write access.
- Sanitization: No sanitization or filtering logic is specified in the provided metadata or configuration files.
Audit Metadata