Skills
skills/crazynomad/skills/pdf-to-images/Gen Agent Trust Hub

pdf-to-images

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/pdf_to_images.py executes ImageMagick commands (magick or convert) using subprocess.run. It correctly passes arguments as a list, which prevents shell injection vulnerabilities by avoiding the use of shell=True.
  • [COMMAND_EXECUTION]: Documentation in SKILL.md includes sudo commands for installing ImageMagick and updating the /etc/ImageMagick-*/policy.xml file. These instructions are standard procedure for enabling PDF processing capabilities in ImageMagick on Linux and macOS.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external PDF files provided by the user.
  • Ingestion points: The pdf_file argument in scripts/pdf_to_images.py and the USER_PDF_FILE placeholder in SKILL.md.
  • Boundary markers: None present to delimit content inside the PDF.
  • Capability inventory: Local file system access (read/write) and execution of the ImageMagick binary.
  • Sanitization: The Python script validates that the input file exists and has a .pdf extension before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 01:30 AM