Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation instructs the agent to utilize standard command-line utilities such as qpdf, pdftotext, and pdfimages for PDF processing tasks.
- [EXTERNAL_DOWNLOADS]: The instructions and scripts reference several well-known industry libraries for PDF handling, including pypdf, pdfplumber, reportlab, and pdf-lib.
- [PROMPT_INJECTION]: The skill extracts content from untrusted PDF documents, creating an indirect prompt injection surface where malicious instructions within a PDF could potentially influence the agent's behavior. Ingestion points: SKILL.md, scripts/fill_fillable_fields.py. Boundary markers: Absent. Capability inventory: File system writes, command execution (bash). Sanitization: Absent.
Audit Metadata