Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks detected. The skill's operations, including file system access for PDF reading and writing, are consistent with its stated purpose.
- [PROMPT_INJECTION]: The skill processes untrusted PDF files, which is an inherent attack surface for indirect prompt injection. However, the risk is assessed as safe as the skill focuses on structured data extraction and form filling rather than general-purpose reasoning over document content.
- Ingestion points: 'scripts/extract_form_field_info.py', 'scripts/fill_fillable_fields.py', and 'scripts/fill_pdf_form_with_annotations.py' (via pypdf.PdfReader).
- Boundary markers: None present.
- Capability inventory: File system write access for generating PDFs and PNG images.
- Sanitization: None present for text content.
- [SAFE]: A monkeypatch in 'scripts/fill_fillable_fields.py' addresses a specific bug in the pypdf library. This is a targeted, non-malicious modification of a dependency at runtime to handle selection list fields correctly.
Audit Metadata