Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/pdf-parser/Gen Agent Trust Hub

pdf-parser

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [No Code] (SAFE): The skill consists of a single markdown file with metadata and contains no executable scripts or external dependencies.
  • [Command Execution] (LOW): The skill requests permission for the 'Bash' tool. While no malicious commands are present in the skill itself, this capability increases the risk if the agent is exploited through untrusted data.
  • [Indirect Prompt Injection] (LOW): The skill is designed to parse PDFs, which creates an attack surface for indirect prompt injection.
  • Ingestion points: External PDF documents related to 'pdf parser' tasks.
  • Boundary markers: Absent; no delimiters are defined to separate untrusted PDF content from agent instructions.
  • Capability inventory: Access to 'Bash', 'Read', 'Write', and 'Edit' tools provides significant system access if the agent is manipulated.
  • Sanitization: No sanitization or validation of input data is defined.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:06 PM