Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes Python libraries pypdf and pdfplumber to perform file manipulation and text extraction. This is standard behavior for the intended PDF processing tasks.
- [PROMPT_INJECTION]: The skill extracts text from external PDF files which may contain malicious instructions designed to influence the agent's behavior.
- Ingestion points: PDF files processed via pdfplumber and pypdf as described in SKILL.md.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore potential commands embedded within the extracted PDF text.
- Capability inventory: Python code execution for PDF manipulation and extraction tasks.
- Sanitization: No sanitization or filtering of the extracted text is performed prior to processing by the agent.
Audit Metadata