mineru
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines workflows using local shell commands including mkdir, cd, jq, and unzip to handle directory structures and process API responses.
- [EXTERNAL_DOWNLOADS]: The skill fetches document parsing results from mineru.net, which is the official domain for the MinerU service.
- [PROMPT_INJECTION]: The skill presents a potential surface for indirect prompt injection as it processes untrusted external content. 1. Ingestion points: File URLs provided to the /api/v4/extract/task endpoint in SKILL.md. 2. Boundary markers: None identified in the provided instructions. 3. Capability inventory: Includes shell commands for file manipulation and unzipping archives in SKILL.md. 4. Sanitization: No evidence of input sanitization or validation of the parsed output is mentioned.
Audit Metadata