syncfusion-dotnet-pdf

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes dotnet script to run dynamically generated C# scripts (.csx) for document processing tasks (Mode 2). This execution is limited to the skill's specific scripts directory.
  • [EXTERNAL_DOWNLOADS]: Fetches official Syncfusion libraries and Tesseract OCR data from the NuGet registry. It also references official SDKs for cloud services including Azure, AWS, and Google Cloud.
  • [DATA_EXFILTRATION]: Provides snippets for uploading PDF documents to external cloud storage providers (Azure Blob Storage, AWS S3, Google Drive, Google Cloud Storage, and Dropbox). These operations use standard SDK patterns and rely on user-supplied credentials.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it reads and processes text from external PDF files which could contain adversarial instructions.
      • Ingestion points: External PDF data is ingested via PdfLoadedDocument and text extraction methods (ExtractText, ExtractText(out lines)) in extract-text.md and ocr.md.
      • Boundary markers: The provided code snippets and templates do not implement delimiters or 'ignore' instructions to isolate extracted text from the agent's control logic.
      • Capability inventory: The skill possesses capabilities for file system writes, network communication to multiple cloud providers, and shell execution via dotnet script.
      • Sanitization: No content sanitization, escaping, or instruction-filtering logic is present for data extracted from documents.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 26, 2026, 05:19 AM