pdfkit
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements functions that ingest external data such as table rows, headers, and document titles to be rendered directly into PDF files. This creates a surface for indirect prompt injection where malicious instructions embedded in the input data could be interpreted by downstream agents or systems processing the generated PDFs.
  - Ingestion points: Found in src/pdf/table.ts, src/pdf/headers.ts, and src/pdf/stream.ts via function parameters.
  - Boundary markers: The examples do not utilize delimiters or warnings to isolate untrusted content.
  - Capability inventory: The skill has the capability to write to the file system (fs.createWriteStream) and stream data to network responses (res.pipe).
  - Sanitization: No input validation or sanitization is present in the provided examples.