Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses several well-known and reputable libraries for PDF processing, including pypdf, pdfplumber, reportlab, pytesseract, pdf2image, pypdfium2, pandas, pdf-lib, and pdfjs-dist.
- [COMMAND_EXECUTION]: The skill documentation provides standard examples for using common PDF command-line utilities such as pdftotext, qpdf, pdftk, and pdfimages.
- [PROMPT_INJECTION]: The skill processes content from external PDF files, which is a potential surface for indirect prompt injection. The skill implements multi-step validation processes, including automated bounding box checks and manual image inspection, to mitigate risks during form filling.
- [SAFE]: No malicious obfuscation, credential exfiltration, or persistence mechanisms were detected. The runtime patching of pypdf in fill_fillable_fields.py is a localized fix for a documented library bug.
Audit Metadata