notes-ta
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
pymupdflibrary via pip to support its PDF processing functionality. This is a standard dependency for the skill's stated purpose of note generation. - [COMMAND_EXECUTION]: A Python script is provided to extract text from PDF files using the
fitz(PyMuPDF) library. The script is configured to process the first 20 pages of a specified file path. - [PROMPT_INJECTION]: The skill processes untrusted user-supplied materials, such as PDFs and transcripts, which constitutes a surface for indirect prompt injection.
- Ingestion points: User-provided learning materials are ingested in STAGE 1 (SKILL.md) for note generation.
- Boundary markers: Absent; there are no explicit delimiters or instructions provided to the agent to ignore potentially malicious instructions embedded within the user data.
- Capability inventory: The skill possesses file-reading and Python execution capabilities via the provided extraction script.
- Sanitization: The skill does not perform any sanitization or validation of the content extracted from user materials.
Audit Metadata