Skills
skills/sundial-org/awesome-openclaw-skills/mineru-pdf/Gen Agent Trust Hub

mineru-pdf

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The script scripts/mineru_parse.sh executes the mineru command. It employs shell best practices by using arrays (args[@]) to handle arguments, which mitigates standard command injection through malicious filenames. However, it allows arbitrary command selection via the MINERU_CMD environment variable.
  • PROMPT_INJECTION (LOW): Category 8: Indirect Prompt Injection. The skill parses untrusted PDF files into Markdown and JSON for agent consumption, creating a surface for embedded instructions.
  • Ingestion points: scripts/mineru_parse.sh processes local PDF files specified by the user or agent.
  • Boundary markers: Absent. The skill produces raw structured text without delimiters or warnings to the downstream agent about the untrusted nature of the content.
  • Capability inventory: Subprocess execution of the mineru tool and file system write access via mkdir.
  • Sanitization: None. The skill performs a literal extraction of text and layout data from the source document.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:33 PM