mineru-pdf

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill executes the mineru CLI through a bash script. The script uses secure practices, such as set -euo pipefail and bash arrays ("${args[@]}") for command execution, which effectively prevent shell injection even if input filenames or arguments contain special characters.
  • [DATA_EXPOSURE] (SAFE): No hardcoded secrets, API keys, or access to sensitive system paths (e.g., SSH keys, cloud credentials) were found. The script only interacts with the provided input file and the specified output directory.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill does not attempt to download external scripts or execute remote code. It assumes the necessary dependencies (MinerU) are already installed by the user on the local system.
  • [PROMPT_INJECTION] (SAFE): The SKILL.md and README.md files contain only functional instructions. There are no attempts to bypass AI safety filters or hijack the agent's system prompt.
  • [INDIRECT_PROMPT_INJECTION] (LOW): As a PDF parsing skill, it processes untrusted document content. While the parsing itself is safe, the resulting markdown or JSON is intended to be read by an AI agent. This constitutes a standard ingestion surface common to all document parsers, but the skill code itself does not contain vulnerabilities that facilitate this attack beyond its primary purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:08 PM