The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/agent.py correctly implements external tool calls to peepdf, pdfid, and pdf-parser.py using subprocess.run with list-based arguments. This method ensures that file paths and object IDs are treated as literal strings, effectively preventing shell command injection attacks.
[EXTERNAL_DOWNLOADS]: The documentation references the installation of peepdf-3 and related scripts. These resources are well-known, legitimate utilities within the cybersecurity community and are used for their intended analytical purposes.
[PROMPT_INJECTION]: The skill inherently processes untrusted data from malicious PDF files, creating a surface for indirect prompt injection if the resulting analysis report is processed by an LLM. However, the risk is mitigated by the skill's specific purpose and the use of structured JSON output. Ingestion points: PDF file content processed in scripts/agent.py. Boundary markers: Structured JSON reporting. Capability inventory: Limited to static file parsing and standard tool execution. Sanitization: Content is extracted for forensic analysis without modification.

analyzing-malicious-pdf-with-peepdf