extracting-mistral-ocr
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script located at 'scripts/mistral_ocr_extract.py' using the Bash tool to handle PDF and image processing.
- [EXTERNAL_DOWNLOADS]: The script performs network requests to 'api.mistral.ai' for file uploads and OCR processing. Mistral AI is a well-known service provider.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing external document content. 1. Ingestion points: The script ingests text and data from local files or remote URLs provided by the user via the Mistral OCR API. 2. Boundary markers: Extracted text is written to output files like 'combined.md' without using specific delimiters or warnings to ignore embedded instructions. 3. Capability inventory: The skill has access to the local file system for reading and writing, network access to the Mistral API, and shell execution capabilities. 4. Sanitization: No sanitization or filtering of instructions is performed on the text returned from the OCR process before it is stored for use by the agent.
Audit Metadata