ai-pdf
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits user-provided PDF content, including text, files, and URLs, to the vendor's infrastructure at
https://ai-skills.ai. This is consistent with the skill's stated purpose of providing AI-powered document analysis. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from external PDF sources (files, text, or URLs) provided via the
materialText,materialFile, andmaterialUrlparameters. This content is subsequently interpreted by the AI to generate summaries and recommendations, creating an attack surface where instructions embedded within the document could potentially override agent behavior. - Ingestion points: User-supplied PDF content through
materialText,materialFile, andmaterialUrldefined inreferences/form-schema.json. - Boundary markers: None found in the provided files to separate untrusted data from system instructions.
- Capability inventory: The skill's capabilities are focused on API interaction via
scripts/run.py; no local subprocess execution or system file modifications were detected. - Sanitization: No evidence of input validation or sanitization of the PDF content prior to processing.
Audit Metadata