robust-pdf-read

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute the pdftotext utility via the run_shell tool. If the input file path is derived from untrusted user input and not properly sanitized by the agent, it could lead to command injection.
  • [EXTERNAL_DOWNLOADS]: Recommends the installation of the poppler-utils package using apt-get install if the utility is not present in the environment.
  • [PROMPT_INJECTION]: As the skill is designed to process external PDF documents, it creates an indirect prompt injection surface. Maliciously crafted PDFs could contain instructions that the agent might inadvertently execute.
      ◦ Ingestion points: Text extracted from PDFs via pdftotext (SKILL.md).
      ◦ Boundary markers: Absent; extracted text is processed directly.
      ◦ Capability inventory: The agent has access to run_shell (SKILL.md).
      ◦ Sanitization: No validation or sanitization of the extracted content is described.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 01:43 AM