PDF Generator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill processes untrusted Markdown and HTML data to generate PDFs, creating a surface for injection attacks.
  • Ingestion points: markdownToPdf function reads external files from the mdPath parameter.
  • Boundary markers: Absent. There are no delimiters or warnings to the agent about ignoring instructions embedded in the source documents.
  • Capability inventory: The skill uses puppeteer (process spawning), fs.readFileSync (file read), and fs.writeFileSync (file write).
  • Sanitization: Absent. The code uses marked.parse(markdown) and immediately renders the output via page.setContent(styledHtml). Maliciously crafted Markdown containing <script> tags or <iframe> elements could lead to local file disclosure or SSRF within the headless browser context.
  • Command Execution (LOW): The skill invokes puppeteer.launch(), which spawns a Chromium subprocess. While this is the intended primary purpose of the skill, it represents a standard risk factor for executing code in a browser environment that processes untrusted inputs.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:06 PM