mineru-pdf
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted PDF files, creating a vulnerability surface for indirect prompt injection.
- Ingestion points: Content is read from PDF files via the 'magic-pdf' CLI and Python API.
- Boundary markers: No delimiters or instructions are used to isolate the parsed text from the agent's core instructions.
- Capability inventory: The skill executes shell commands and writes to the local filesystem.
- Sanitization: The skill does not include mechanisms to sanitize the content extracted from documents.
- [COMMAND_EXECUTION]: The skill uses the 'magic-pdf' command-line utility for its primary functionality. While necessary for the skill, any execution involving user-controlled paths should be handled with caution.
Audit Metadata