large-document-processing
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a susceptibility to indirect prompt injection as it parses and chunks content from untrusted external document formats.
  - Ingestion points: Data enters the agent's context through files such as `large_document.pdf` and `data/bible/nwt_E.epub` using parsers like `PyMuPDF` and `ebooklib`.
  - Boundary markers: Absent. There is no evidence in the provided logic that extracted text chunks are wrapped in delimiters or accompanied by instructions for the AI to ignore embedded commands.
  - Capability inventory: The skill possesses the capability to read local files and execute internal setup and extraction scripts (`scripts/extract_jwpub.py` and `scripts/setup_large_document_processing.py`).
  - Sanitization: Absent. The extraction and chunking code does not include filters or validation routines to detect and neutralize potentially malicious instructional content in the source documents.
Audit Metadata