boof
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection via document processing.
  - Ingestion points: The scripts/boof.sh script processes PDF files for conversion and indexing.
  - Boundary markers: Absent. No delimiters are used for document excerpts to distinguish them from system instructions.
  - Capability inventory: Local execution of processing tools and file system access for storage.
  - Sanitization: Extracted document content is not sanitized for malicious instructions or prompt-altering sequences.
- [EXTERNAL_DOWNLOADS]: Documentation directs users to install dependencies from external sources like PyPI and GitHub (marker-pdf and tobi/qmd). These are legitimate requirements for the skill's conversion and indexing capabilities.
- [COMMAND_EXECUTION]: The boof.sh script executes local binaries for conversion and indexing. It uses safe variable quoting and path handling to mitigate command injection risks from file names.
Audit Metadata