pdf-processor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill extracts text from external PDF files which serves as a potential ingestion point for untrusted data. Evidence: (1) Ingestion point: reader.pages.extract_text() in SKILL.md. (2) Boundary markers: None present in code samples. (3) Capability inventory: File system read/write and PDF manipulation. (4) Sanitization: No sanitization or validation of extracted text is performed.
- External Dependencies (SAFE): The skill references established libraries such as PyPDF2, pdf-lib, and weasyprint from official registries.
Audit Metadata