pdf_translator
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by executing local Python scripts to perform PDF text extraction and Markdown file generation.\n
- Evidence: The
SKILL.mdfile defines workflows that involve runningpython3 skills/pdf-translator/scripts/extract_text.pyandpython3 skills/pdf-translator/scripts/generate_md.pyvia the agent's command execution capabilities.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted text from PDF documents.\n - Ingestion points: Text is extracted from user-provided PDF files using the
scripts/extract_text.pyscript and then passed back to the agent.\n - Boundary markers: None identified. The extracted text is not wrapped in delimiters or accompanied by instructions to the agent to treat the content as passive data rather than instructions.\n
- Capability inventory: The agent has access to filesystem operations and command execution through the provided scripts, which could be targeted by a successful injection.\n
- Sanitization: There is no sanitization or filtering of the extracted text before it is processed by the language model for translation.
Audit Metadata