document-generation-pdf
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute npm and latex commands, which are essential for its primary functions of dependency management and LaTeX-based document rendering.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of legitimate and widely-used packages from the NPM registry, including pdf-lib and puppeteer. Puppeteer additionally manages the download of the Chromium browser required for HTML-to-PDF conversion.
- [PROMPT_INJECTION]: The skill processes external JSON data for form filling. While this presents an indirect input surface, the skill implements validation checks to ensure field data corresponds to the PDF template schema.
Audit Metadata