Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of standard command-line utilities including
pdftotext,qpdf,pdftk, andpdfimagesfor document manipulation and extraction tasks. - [EXTERNAL_DOWNLOADS]: The guide recommends installing common Python packages such as
pypdf,pdfplumber,reportlab,pytesseract, andpdf2imageto perform programmatic PDF processing. - [INDIRECT_PROMPT_INJECTION]: The skill facilitates the extraction of text and data from external PDF files. This represents a data ingestion surface where maliciously crafted PDF content could potentially influence the behavior of an agent processing the extracted text, although no exploitable capability is directly provided in the skill itself.
- Ingestion points: File reads in
SKILL.md(e.g.,PdfReader("document.pdf"),pdfplumber.open("document.pdf")). - Boundary markers: None specified in the snippets.
- Capability inventory: File system writes (
open("...", "wb")), subprocess execution (CLI tools). - Sanitization: Not explicitly addressed in the code examples.
Audit Metadata