Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: All libraries and tools mentioned (pypdf, pdfplumber, reportlab, qpdf, pytesseract) are standard industry utilities for PDF management and OCR. The source 'anthropics/skills' is a known trusted repository.- [COMMAND_EXECUTION]: The skill documentation includes examples of using command-line utilities such as 'qpdf' and 'pdftotext' to manipulate and extract information from documents.- [PROMPT_INJECTION]: Evaluation of the indirect prompt injection surface:
- Ingestion points: Untrusted data is ingested through 'PdfReader', 'pdfplumber.open', and 'pdftotext' operations on external files (SKILL.md).
- Boundary markers: No explicit delimiters or boundary markers are utilized in the provided code examples.
- Capability inventory: The skill allows for file system writes and command-line execution for document processing (SKILL.md).
- Sanitization: The skill relies on standard library parsing and does not implement explicit sanitization of extracted document content.
Audit Metadata