nano-pdf
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUM
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies (MEDIUM): The skill installs the 'nano-pdf' package from PyPI via the uv installer. This is an external dependency not included in the pre-verified trusted source list, posing a potential supply-chain risk.
- Command Execution (LOW): The skill executes the 'nano-pdf' command-line binary. This is required for its primary purpose but involves running code on the host system.
- Indirect Prompt Injection (LOW): The tool accepts natural language instructions to modify PDF content, which constitutes an injection surface.
  1. Ingestion points: Instructions are passed as CLI arguments in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: CLI execution of 'nano-pdf'.
  4. Sanitization: Absent.
Audit Metadata