PDF Processing Pro
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Privilege Escalation] (HIGH): The OCR.md file recommends executing 'sudo apt-get install tesseract-ocr', which requires and grants administrative privileges, posing a security risk.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted PDF documents, which serves as an ingestion point for potential indirect prompt injection attacks.
  - Ingestion points: PDF files processed via scripts like analyze_form.py.
  - Boundary markers: None.
  - Capability inventory: File reading, writing, and subprocess execution.
  - Sanitization: None for the content of the PDF files.
- [Unverifiable Dependencies & Remote Code Execution] (MEDIUM): The skill relies on multiple third-party libraries and external system binaries that are not sourced from the defined trusted organizations or repositories.
Recommendations
- AI detected serious security threats
Audit Metadata