liteparse
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @llamaindex/liteparse package globally via npm and install system-level dependencies such as LibreOffice and ImageMagick from official software repositories. These are standard tools for document processing.\n- [COMMAND_EXECUTION]: Provides various CLI commands using the lit tool for parsing files, batch processing directories, and generating page screenshots locally.\n- [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection through the parsing of untrusted documents.\n
- Ingestion points: Content is extracted from user-provided files such as PDFs, DOCX, and images.\n
- Boundary markers: The skill requires the agent to produce commands for user approval before any script or CLI operation is executed, providing a manual oversight step.\n
- Capability inventory: Uses the lit CLI to access the local file system for reading documents and writing output files.\n
- Sanitization: No explicit sanitization or filtering of extracted text content is defined within the skill instructions.
Audit Metadata