pdf-fill-studio
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the
pdf-fill-studiopackage usingpip install pdf-fill-studio. This is the intended distribution method for the tool. - [COMMAND_EXECUTION]: The skill invokes the
pdf-fill-studioCLI and thepdf_fill_studio.render_pagePython module to perform local file operations. These actions are within the scope of the skill's purpose as a PDF manipulation tool. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted PDF files and JSON profiles.
- Ingestion points: Data is read from
form.pdfandprofile.jsonas specified in the flow. - Boundary markers: Absent; no specific markers are mentioned for the agent to distinguish between instructions and data content.
- Capability inventory: The agent executes shell commands (
pdf-fill-studio) and Python modules on the local file system. - Sanitization: Not explicitly described in the skill content.
Audit Metadata