ai-slop-document-auditor
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local system utilities, including
pdftotext,textutil,unzip, andpython, to perform read-only text extraction from various document formats (PDF, DOCX, PPTX). These are standard tools for document processing and are used here within a limited, read-only scope. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted user-supplied document content (PDF, HTML, Markdown, etc.).
- Ingestion points: SKILL.md identifies extraction points from external files, directories, and pasted text.
- Boundary markers: The workflow attempts to mitigate injection by normalizing content into a structured
document_unitsYAML schema before delegation to sub-agents. - Capability inventory: The skill possesses file-read capabilities and local command execution for extraction.
- Sanitization: The skill relies on structured units and stable IDs to maintain context boundaries during analysis.
Audit Metadata