Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements PDF processing functionality using reputable libraries such as pypdf, pdfplumber, and reportlab. No malicious patterns, obfuscation, or unauthorized network operations were detected.
- [PROMPT_INJECTION]: Analyzed for indirect prompt injection surface as the skill processes untrusted PDF data.
- Ingestion points: PDF content is read by
scripts/extract_form_structure.pyandscripts/extract_form_field_info.py. - Boundary markers: None present in the extraction logic.
- Capability inventory: Performs file system read/write for PDF, JSON, and image files; invokes CLI tools like
qpdfandmagick. - Sanitization: Extracted text is used for layout analysis and filling but is not executed as code.
Audit Metadata