pdf-reader
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill implements legitimate document processing functionality using established libraries.
- [COMMAND_EXECUTION]: The skill uses Node.js scripts to perform extraction tasks. These scripts process user-provided PDF paths and output arguments locally. There are no patterns of arbitrary command execution or shell injection.
- [DATA_EXFILTRATION]: Analysis of the scripts confirms there are no network operations (e.g., fetch, http, curl) or unauthorized data transmission. File access is limited to reading the target PDF and writing extraction results to the local filesystem as directed.
- [PROMPT_INJECTION]: The skill processes content from external PDF files, which represents a surface for indirect prompt injection.
  - Ingestion points: PDF content is read via `fs.readFileSync` in scripts like `extract-text.mjs` and `search-text.mjs`.
  - Boundary markers: The scripts use markers such as `--- Page N ---` to delimit content, though they do not include explicit instructions for the agent to ignore embedded commands.
  - Capability inventory: The skill possesses file-write capabilities (`fs.writeFileSync`) for saving extracted data, but no network or arbitrary code execution capabilities.
  - Sanitization: The skill performs basic sanitization, such as cleaning filenames in `extract-images.mjs` and escaping CSV values in `extract-tables.mjs`.
Audit Metadata