document-skills/pdf

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides a comprehensive toolkit for PDF tasks including merging, splitting, text extraction, and OCR. It uses standard, official libraries such as pypdf, pdfplumber, and reportlab.
  • [SAFE]: All included scripts, such as extract_form_field_info.py and fill_pdf_form_with_annotations.py, are transparent and focused on the stated functionality with no malicious patterns or exfiltration logic.
  • [SAFE]: The use of a monkeypatch in fill_fillable_fields.py is documented as a fix for a specific library bug in pypdf and does not represent a security risk.
  • [SAFE]: No evidence of data exfiltration, credential harvesting, or malicious prompt injection was identified. All URL references point to official documentation or legitimate issue trackers.
  • [SAFE]: While the skill processes untrusted PDF documents (representing an indirect prompt injection surface), this is core to its purpose, and the provided validation scripts (e.g., check_bounding_boxes.py) assist in maintaining integrity.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 04:40 AM
Security Audit — agent-trust-hub — document-skills/pdf