docling-graph
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local Python scripts (
check-env.pyandlint-template.py) and thedocling-graphCLI for operational tasks. Inscripts/check-env.py,subprocess.runis used to executedocling-graph --helpto verify the command-line environment. - [DYNAMIC_EXECUTION]: The
scripts/check-env.pyutility usesimportlib.import_moduleto verify that user-defined Pydantic templates can be successfully imported and validated. This is a necessary functional component for checking graph schema integrity. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to extract data from untrusted document sources which may contain adversarial text intended to influence agent behavior.
- Ingestion points: PDF, HTML, DOCX, and images are listed as document sources in
SKILL.mdandreferences/pipeline-configuration.md. - Boundary markers: Not explicitly defined in the provided workflow instructions, though the skill relies on structured Pydantic schemas for extraction.
- Capability inventory: File system access and subprocess execution are present in the helper scripts and the target
docling-graphtool. - Sanitization: No explicit sanitization or filtering of ingested document content is performed by the provided skill scripts.
Audit Metadata