Skills
skills/borghei/claude-skills/pdf-toolkit/Gen Agent Trust Hub

pdf-toolkit

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the execution of a local Python script, scripts/pdf_auditor.py, to perform its core function of auditing PDF documents. This script is called via shell commands in the described workflows.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from PDF files.
  • Ingestion points: The script scripts/pdf_auditor.py reads the binary content of user-provided PDF files and extracts metadata strings.
  • Boundary markers: Absent. The script outputs metadata fields directly without using delimiters or protective instructions for the agent consuming the output.
  • Capability inventory: The agent executes scripts/pdf_auditor.py to obtain document statistics and metadata.
  • Sanitization: Absent. While the script decodes various PDF string formats, it does not sanitize the resulting text for malicious instructions or prompt injection patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 03:23 PM