pdf-creator
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill processes markdown data into HTML for PDF generation. • Ingestion points: scripts/md_to_pdf.py (reads user-provided markdown). • Boundary markers: Absent; processes entire file content. • Capability inventory: weasyprint may resolve local file paths or network resources if HTML tags are injected into the source markdown. • Sanitization: Absent; markdown is converted directly to HTML. • Risk: Considered low/safe as it is an inherent property of document conversion tools and not a malicious implementation.
- Metadata Poisoning (SAFE): The file .security-scan-passed contains an external claim of safety which was disregarded to ensure an independent verdict.
- Privilege Escalation (SAFE): Mentions of DYLD_LIBRARY_PATH in documentation are standard troubleshooting steps for macOS users and do not involve malicious automated commands.
- Data Exposure (SAFE): No unauthorized file access or credential exposure detected; scripts only access paths provided by the user.
Audit Metadata