ocrmypdf-api
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill documents how to process external PDF files which represents an indirect prompt injection surface.
- Ingestion points: The Flask integration example in
SKILL.mdaccepts files via POST requests (request.files['file']). - Boundary markers: The examples do not include boundary markers or instructions for the agent to ignore embedded commands within the processed PDFs.
- Capability inventory: The skill utilizes
ocrmypdf.ocrto process files andos.unlinkfor file management. - Sanitization: The provided code snippets do not implement sanitization or validation of the input PDF content before processing.
- [SAFE]: The skill provides standard documentation for the OCRmyPDF library. Package installations and file handling patterns in the examples are appropriate for the described functionality.
Audit Metadata