ai-pdf-builder
Warn
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Command Execution] (MEDIUM): The skill instructs the agent to perform system checks using `which pandoc` and execute the `npx ai-pdf-builder` command suite. These operations provide a direct interface for running arbitrary package code.
- [Privilege Escalation] (MEDIUM): The installation instructions explicitly include `sudo` commands for system package management (`apt-get`) and LaTeX package management (`tlmgr`), which may lead to excessive permissions if misused in an automated context.
- [External Downloads] (LOW): The skill relies on `npx` to fetch and execute the `ai-pdf-builder` package at runtime from the npm registry. The package author is not on the trusted list.
- [Indirect Prompt Injection] (LOW): The 'enhance' and 'summarize' features process external markdown files through an LLM. Malicious instructions embedded in these files could attempt to influence the agent's behavior.
  1. Ingestion points: Markdown files (e.g., `./content.md`, `./draft.md`).
  2. Boundary markers: Absent.
  3. Capability inventory: System command execution (`npx`) and Anthropic API calls.
  4. Sanitization: None specified for input data validation.
Audit Metadata