Skills
skills/pixel-process-ug/superkit-agents/pdf-processing/Gen Agent Trust Hub

pdf-processing

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes code utilizing pytesseract and pdf2image. These libraries function as wrappers that execute external system-level binaries (Tesseract OCR and Poppler) via subprocesses to perform optical character recognition and PDF-to-image conversion.
  • [PROMPT_INJECTION]: The skill facilitates the extraction of text and tables from external PDF files, which represents an indirect prompt injection surface. Untrusted content from these files could contain instructions designed to manipulate the agent's logic in downstream tasks. \n
  • Ingestion points: pdfplumber.open() and PdfReader() in SKILL.md are used to load external PDF data. \n
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are included in the extraction snippets. \n
  • Capability inventory: The skill includes file system write operations (writer.write()) and the ability to execute OCR processes. \n
  • Sanitization: There is no evidence of text sanitization or validation to filter out potential adversarial prompts within the processed PDF content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 12:42 AM