skills/mukul975/anthropic-cybersecurity-skills/analyzing-malicious-pdf-with-peepdf/Gen Agent Trust Hub
analyzing-malicious-pdf-with-peepdf
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/agent.pyexecutes external command-line utilities (peepdf,pdfid.py, andpdf-parser.py) using thesubprocessmodule to analyze file structures and extract embedded data.\n- [EXTERNAL_DOWNLOADS]: The skill documentation specifies dependencies on external Python packages (peepdf-3) and security tool suites that must be retrieved from public software repositories.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted PDF data and extracts raw content, such as JavaScript and document metadata, into its analysis reports without sanitization.\n - Ingestion points: Malicious PDF files processed by the logic in
scripts/agent.py.\n - Boundary markers: None; extracted content is appended directly to the analysis output without delimiters or warnings to ignore embedded instructions.\n
- Capability inventory: File system access and the ability to execute external commands via
subprocess.runinscripts/agent.py.\n - Sanitization: The script does not perform any escaping or filtering on the data extracted from the PDF objects.
Audit Metadata