pdf-to-markdown

Fail

Audited by Snyk on May 15, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 0.90). The prompt embeds explicit workflow-and-authority directives (mandatory task-tracking, workflow execution protocol, "subagent authorization" to spawn_agent, and instructions to ignore other mode-switches) that are unrelated to PDF-to-Markdown conversion and attempt to change/override agent behavior, so they act as deceptive/out-of-scope prompt-injection instructions.

Issues (1)

E004
CRITICAL

Prompt injection detected in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
May 15, 2026, 07:03 AM
Issues
1
Security Audit — snyk — pdf-to-markdown