Skills
skills/moosegoose0701/skill-compose/pdf/Gen Agent Trust Hub

pdf

Warn

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the pdftoppm system utility to render PDF pages into images, which involves executing shell commands with variable inputs.
  • [COMMAND_EXECUTION]: The instructions command the use of sudo apt-get to install system packages, which grants administrative privileges to the installation process.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs several Python libraries (reportlab, pdfplumber, pypdf) and system tools (poppler-utils) from well-known public repositories.
  • [PROMPT_INJECTION]: The skill processes content from PDF files which can serve as a vector for indirect prompt injection attacks.
  • Ingestion points: PDF content is read and rendered using pdfplumber, pypdf, and pdftoppm as specified in SKILL.md.
  • Boundary markers: There are no boundary markers or instructions to ignore embedded commands within the PDF data.
  • Capability inventory: The skill can execute shell commands (pdftoppm) and install new software via pip and apt-get.
  • Sanitization: No sanitization or validation of the extracted text or rendered content is performed before processing.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 26, 2026, 10:28 AM