skills/hkuds/deeptutor/pdf/Gen Agent Trust Hub

pdf

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill operates within a shell sandbox, providing a necessary layer of isolation between the PDF processing tasks and the host system.
  • [SAFE]: The instructions incorporate explicit security constraints, specifically directing the agent to avoid network connectivity and prohibiting the use of pip to install additional packages.
  • [PROMPT_INJECTION]: The skill's core functionality involves processing untrusted content from external PDF files, which constitutes a potential vector for indirect prompt injection attacks.
  • Ingestion points: The skill reads text, tables, and metadata from user-provided PDF files using libraries like pdfplumber, pypdf, and PyMuPDF.
  • Boundary markers: No specific boundary markers or instructions to ignore embedded commands within the PDF content are present in the provided documentation.
  • Capability inventory: The agent is instructed to execute Python code and interact with the shell sandbox to perform file operations.
  • Sanitization: There is no evidence of sanitization, filtering, or validation of the data extracted from the PDFs before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 01:34 PM
Security Audit — agent-trust-hub — pdf