docs-pdf
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it converts untrusted PDF content into text for the agent to consume.
- Ingestion points: PDF data is read from file paths provided to the scripts/parse_pdf.py script.
- Boundary markers: No specific delimiters are added to the output to distinguish extracted content from instructions.
- Capability inventory: The skill is restricted to local file system read/write; no network or subprocess capabilities are present.
- Sanitization: The script does not filter or sanitize the extracted text content.
- [SAFE]: The skill uses reputable libraries (pypdf, pdfplumber, markitdown, pdfminer.six) and contains no malicious code or suspicious execution patterns. Dependencies include markitdown which is maintained by Microsoft.
Audit Metadata