report-analyzer
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands such as
findto locate PDF and PPTX files within the working directory and subdirectories. - [EXTERNAL_DOWNLOADS]: Automatically installs several Python packages including
pdfplumber,pypdf,markitdown,pytesseract, andpdf2imageto facilitate file processing. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it ingests data from untrusted external documents (PDF and PPTX reports) provided by users or attackers.
- Ingestion points: The skill reads full text and table data from uploaded documents in
SKILL.md(Step 3). - Boundary markers: Employs instructions such as 'Extract only facts and data from the report — do not infer or fabricate' and 'All numbers must be exact' to guide the agent, though these do not prevent adversarial injection.
- Capability inventory: The skill has the ability to execute arbitrary Python code and shell commands for file management and extraction.
- Sanitization: No programmatic sanitization or filtering of document content is performed prior to analysis.
Audit Metadata