pdf-extract

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the pymupdf package from the official Python Package Index (PyPI) using the uv tool at runtime.
  • [COMMAND_EXECUTION]: The skill executes Python scripts via the shell to interact with the local file system for reading PDF documents and saving extracted text.
  • [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection as it processes external data from PDF files:
  • Ingestion points: PDF content and metadata are read using the fitz (pymupdf) library in SKILL.md.
  • Boundary markers: No delimiters or safety instructions are included to isolate the extracted text from the agent's instructions.
  • Capability inventory: The skill is granted Bash, Read, and Write permissions.
  • Sanitization: There is no filtering or validation of the text extracted from the source files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:10 PM
Security Audit — agent-trust-hub — pdf-extract