document-granular-decompose
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The script
scripts/mineru_fulltext_extract.pytransmits document content tohttps://thuenv.tiangong.world:7770/mineru_with_images. This is the core functionality and the destination is a vendor-owned domain associated with the author,tiangong-ai. - [PROMPT_INJECTION]: The skill processes untrusted document data, which creates a surface for indirect prompt injection where malicious text inside a document could influence the agent's behavior. \n
- Ingestion points:
scripts/mineru_fulltext_extract.pyreads local files provided via the--fileargument. \n - Boundary markers: The script returns raw extracted text without explicit delimiters or safety instructions. \n
- Capability inventory: The script can read any local file accessible to the user and write the output to a specified path using the
--outputflag. \n - Sanitization: The script performs strict file extension validation against an allowlist.
Audit Metadata