pdf-extract
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches the
pymupdfpackage from the official Python Package Index (PyPI) using theuvtool at runtime. - [COMMAND_EXECUTION]: The skill executes Python scripts via the shell to interact with the local file system for reading PDF documents and saving extracted text.
- [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection as it processes external data from PDF files:
- Ingestion points: PDF content and metadata are read using the
fitz(pymupdf) library inSKILL.md. - Boundary markers: No delimiters or safety instructions are included to isolate the extracted text from the agent's instructions.
- Capability inventory: The skill is granted
Bash,Read, andWritepermissions. - Sanitization: There is no filtering or validation of the text extracted from the source files.
Audit Metadata