doc-pipeline

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from external, potentially untrusted documents (PDF, Image, Excel) and passes that content to an AI for analysis.
      • Ingestion points: Document operations like pdf-extraction, ocr, and Excel analysis described in SKILL.md.
      • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the pipeline implementation examples.
      • Capability inventory: The skill performs text extraction, data transformation, and AI-driven analysis of processed file content.
      • Sanitization: No sanitization or filtering logic is demonstrated for the content extracted from external documents.
  • [EXTERNAL_DOWNLOADS]: The skill instructions include the installation of several well-known and standard Python libraries for document manipulation: python-docx, openpyxl, python-pptx, reportlab, and jinja2.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 10, 2026, 05:17 AM