Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a reference guide for PDF manipulation using established libraries such as pypdf, pdfplumber, and reportlab. All code examples demonstrate routine operations like reading, merging, splitting, and extracting data from PDF files.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it processes external PDF files which could contain hidden instructions.
- Ingestion points: PDF files are ingested in SKILL.md using PdfReader and pdfplumber.open.
- Boundary markers: None present in the code snippets.
- Capability inventory: Includes file reading, writing, and execution of CLI tools (qpdf, pdftotext).
- Sanitization: No explicit sanitization of extracted content is shown, which is standard for library usage examples. The risk is assessed as safe/low given the tool's intended purpose.
Audit Metadata