business-document-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill instructions specify the installation of 'pypdf' and 'reportlab' via pip. These are well-established, reputable libraries for PDF processing.
- [DATA_EXFILTRATION] (SAFE): Analysis of the Python script shows no network communication or access to sensitive local files. All processing occurs locally.
- [COMMAND_EXECUTION] (SAFE): The script executes standard document generation logic and file system operations without invoking shell commands or dynamic code execution.
- [PROMPT_INJECTION] (SAFE): Assessment of indirect prompt injection surface: 1. Ingestion points: 'data_file' parameter in 'scripts/generate_document.py'. 2. Boundary markers: Absent. 3. Capability inventory: Writes generated PDFs to the local file system. 4. Sanitization: Data is rendered as text on a PDF canvas. This surface is identified as safe as it is integral to the primary document generation function.
Audit Metadata