Skills
skills/insight68/skills/nano-pdf/Gen Agent Trust Hub

nano-pdf

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the nano-pdf package from the Python Package Index (PyPI) using the uv installer.
  • [COMMAND_EXECUTION]: The skill executes the nano-pdf CLI tool to perform file modifications on the local system.
  • [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists because the skill interpolates natural-language instructions into a command-line execution context.
  • Ingestion points: Command-line arguments in SKILL.md used for editing PDF content.
  • Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands in the processed data.
  • Capability inventory: File system write access via the nano-pdf edit command.
  • Sanitization: No input validation or sanitization is mentioned for the natural-language strings passed to the tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 08:21 PM