Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructs the agent to use standard, well-known PDF processing libraries (such as pypdf and pdfplumber) and command-line utilities. No malicious patterns or unauthorized behaviors were detected.
- [SAFE]: The skill follows best practice by requiring the agent to ask the user before installing dependencies or running computationally expensive OCR tasks.
- [SAFE]: The skill contains specific instructions for verifying that redacted text is actually removed from the output, preventing accidental data exposure.
- [PROMPT_INJECTION]: The skill has a surface area for indirect prompt injection because it processes untrusted PDF data.
  - Ingestion points: PDF files identified as primary inputs (SKILL.md).
  - Boundary markers: Absent from the current instructions.
  - Capability inventory: PDF manipulation (extraction, merging, rotation) via specific Python libraries and CLI tools (qpdf, mutool, etc.).
  - Sanitization: Not explicitly mentioned; the skill relies on the parsing behavior of the specified libraries.
Audit Metadata