Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the extraction of text from external PDF documents, creating a vulnerability surface where malicious instructions embedded in a PDF could influence the agent's behavior. * Ingestion points: SKILL.md provides methods to extract text using
pypdf,pdfplumber, andpytesseract. * Boundary markers: No delimiters or 'ignore' instructions are suggested to separate extracted content from agent instructions. * Capability inventory: The skill demonstrates file-writing capabilities and execution of system-level PDF utilities. * Sanitization: The guide does not include steps for sanitizing or validating extracted text before it enters the agent's context. - [COMMAND_EXECUTION]: The skill includes documentation and examples for executing various command-line utilities such as
qpdf,pdftotext, andpdftkto perform document manipulation tasks.
Audit Metadata