pdforge
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): Uses `bash -c` to execute `curl` commands. This is documented as a workaround for environment variable persistence in specific environments.
- EXTERNAL_DOWNLOADS (LOW): Communicates with `api.pdfnoodle.com` and `storage.googleapis.com`. These are necessary for the skill's primary function.
- PROMPT_INJECTION (LOW): Represents an indirect prompt injection surface when processing untrusted HTML. Evidence Chain:
  1. Ingestion point: /tmp/pdforge_request.json.
  2. Boundary markers: None.
  3. Capability: Network/Shell via curl.
  4. Sanitization: None.