pypdf
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill suggests installing 'pypdf' and 'reportlab' via pip from PyPI. These are reputable and well-known libraries in the Python ecosystem.
- [PROMPT_INJECTION] (LOW): The skill creates a surface for indirect prompt injection as it extracts and processes text from external PDF files.
  1. Ingestion points: README.md code snippets use 'PdfReader' to ingest external files.
  2. Boundary markers: Absent; there are no instructions to the agent to ignore instructions embedded in the PDF text.
  3. Capability inventory: The skill can read files, write files, and extract text, which is then printed to the agent's context.
  4. Sanitization: Absent; the text is extracted and printed without filtering.