Skills
skills/k-dense-ai/claude-scientific-skills/liteparse/Gen Agent Trust Hub

liteparse

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to parse and ingest untrusted external data (PDFs, Office documents, images) into the agent's context.
  • Ingestion points: Data ingestion occurs through the LiteParse.parse() method and the lit parse CLI utility as documented in SKILL.md and implemented in scripts/batch_parse_dir.py.
  • Boundary markers: There are no explicit instructions or delimiters provided to the agent to treat parsed content as untrusted or to ignore instructions embedded within the extracted text.
  • Capability inventory: The agent has access to Bash, Read, Write, and Edit tools, which could potentially be manipulated by malicious instructions found in processed documents.
  • Sanitization: The skill does not perform automated sanitization or filtering of the extracted text before it is returned to the agent.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of the liteparse Python package and the @llamaindex/liteparse Node.js package from official public registries (PyPI and NPM). It also references official documentation and source code repositories hosted on GitHub by the run-llama organization, which is a well-known entity in the AI infrastructure space.
  • [COMMAND_EXECUTION]: The skill documentation provides instructions for installing system dependencies such as LibreOffice and ImageMagick via standard package managers (apt-get, brew, choco). These are presented as user-facing installation steps and are not executed automatically or silently by the skill scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 12:57 AM
Security Audit — agent-trust-hub — liteparse