Skills
skills/navanithans/agent-skill-kit/ask-pdf-processing/Gen Agent Trust Hub

ask-pdf-processing

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill has a vulnerability surface for indirect prompt injection via the processing of untrusted PDF content. Malicious instructions inside PDFs could be extracted and interpreted by the agent.\n
  • Ingestion points: PDF content is ingested in scripts/extract_text.py (via pdfplumber) and scripts/fill_form.py (via pypdf).\n
  • Boundary markers: Absent. The scripts do not use any delimiters or specific instructions to isolate extracted content from the agent's system instructions.\n
  • Capability inventory: The skill includes file-writing capabilities in scripts/extract_text.py (Path.write_text), scripts/fill_form.py (writer.write), and scripts/merge_pdfs.py (writer.write). No network or shell execution capabilities are implemented within the scripts themselves.\n
  • Sanitization: Absent. Extracted text is returned to the agent without validation, filtering, or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:50 PM