pdf-process-mineru

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script script/pdf_parser.py uses subprocess.run to call the mineru command-line tool. It passes arguments as a list, which is a secure practice that prevents shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The install.sh script and installation instructions in SKILL.md perform downloads to install uv and the mineru[all] package from the standard Python Package Index (PyPI).
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it processes untrusted external data.
      • Ingestion points: The file_path parameter in pdf_parser.py allows the skill to read any PDF file provided by a user or external source.
      • Boundary markers: There are no explicit boundary markers or instructions to the agent to ignore instructions embedded within the parsed PDF content.
      • Capability inventory: The skill has the capability to execute subprocesses (mineru CLI) and perform file system operations (creating directories and reading/writing files).
      • Sanitization: The skill does not perform any sanitization or filtering of the text extracted from the PDF before returning it to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 03:30 AM