study-notes-generator

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The skill instructs the agent to execute a specific local binary (/opt/homebrew/bin/pdftotext) to process large PDF files. While this is the intended primary purpose of the skill, any shell command execution involves a potential risk if inputs (like filenames) are not handled securely.
  • PROMPT_INJECTION (LOW): The skill processes untrusted documents from the slides/ directory and is vulnerable to indirect prompt injection.
      • Ingestion points: PDF and TXT documents in the slides/ folder.
      • Boundary markers: Absent. There are no instructions for the agent to use delimiters or specific logic to ignore instructions embedded within the processed text.
      • Capability inventory: Shell command execution (pdftotext), file-system write access to the notes/ directory, and the ability to spawn background agents via the Task tool.
      • Sanitization: Absent. The agent is not instructed to sanitize or escape HTML tags found in the source documents before placing them into the HTML template, which could lead to XSS if a user opens the generated files in a browser.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 07:34 AM