ai-multimodal
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill defines dependencies in scripts/requirements.txt and scripts/tests/requirements.txt, including google-genai, pypdf, and Pillow. These are standard libraries from trusted sources (Google and PyPI).
- [COMMAND_EXECUTION] (LOW): In scripts/tests/test_document_converter.py, subprocess.run is used to execute wkhtmltopdf for converting Markdown and HTML to PDF. While shell execution can be risky, it is a necessary component of the skill's stated purpose of document conversion.
- [Indirect Prompt Injection] (LOW):
  - Ingestion points: The skill ingests untrusted data from external PDF, audio, and image files for processing by an LLM.
  - Boundary markers: No explicit boundary markers or 'ignore' instructions are visible in the provided code snippets to prevent the LLM from executing instructions found within the uploaded content.
  - Capability inventory: The skill has capabilities to write files to the local disk and upload data to the Google Gemini API.
  - Sanitization: There is no evidence of sanitization or filtering for malicious instructions within the processed document content.
Audit Metadata