pdf-skill

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill provides instructions for parsing and extracting data from PDF files, which is a common vector for indirect prompt injection.
      • Ingestion points: PDF parsing and text extraction tasks described in SKILL.md (e.g., using pdf-parse, PyPDF2).
      • Boundary markers: No specific delimiters or safety instructions are provided to separate extracted content from agent instructions.
      • Capability inventory: The skill involves file system operations (saving PDFs) and potential network activity (via Puppeteer/Playwright for HTML conversion).
      • Sanitization: There is no guidance on sanitizing or validating the content extracted from PDFs before it is used in subsequent reasoning steps.
  • [External Downloads] (SAFE): The skill references standard, reputable libraries (e.g., pdfkit, puppeteer, pdf-lib) from public registries. These references are for legitimate functionality and do not involve suspicious remote script execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 12:18 PM