nsfc-length-aligner
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/check_length.pyinvokes thepdfinfoutility viasubprocess.run. The command is constructed as a list of arguments, which prevents shell injection by avoiding shell-based parsing of the input paths. - [EXTERNAL_DOWNLOADS]: The skill requires standard Python packages such as
pyyamland optionallypypdf. These are well-known, trusted libraries used for configuration and PDF processing, falling within the scope of trusted services. - [SAFE]: The skill's core functionality is limited to local text analysis and report generation. There are no signs of credential exposure, data exfiltration, or malicious persistence mechanisms.
Audit Metadata