yy-read-pdf

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to process external PDF files, which are untrusted data sources. This introduces a surface for indirect prompt injection, where malicious text within a PDF could attempt to subvert the agent's instructions.
      • Ingestion points: Reads file content from user-provided paths (SKILL.md, Step 2).
      • Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' instructions for the extracted text.
      • Capability inventory: The skill utilizes file reading capabilities and command-line text extraction tools.
      • Sanitization: Absent. Extracted content is processed and output directly without filtering for potential prompt injection patterns.
  • [COMMAND_EXECUTION]: The skill instructs the agent to use command-line utilities such as pdftotext to extract data from files.
      • The instructions include a verification step to ensure the file exists and has a .pdf extension, which helps mitigate basic path manipulation, though it does not explicitly restrict execution to a specific sandbox or directory.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 23, 2026, 12:44 AM