pdf-to-text
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches a platform-specific binary from the developer's official CDN (agent-cdn.nutrient.io). This process handles initial installation and periodic updates of the conversion engine.
- [COMMAND_EXECUTION]: Executes the downloaded binary to perform PDF text extraction. The script also performs local filesystem operations such as creating symlinks and managing files within the user's home directory (~/.local/share/nutrient).
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface when processing untrusted PDF files.
- Ingestion points: Content is read from PDF files provided as input to the conversion tool.
- Boundary markers: Absent. The skill extracts raw text without wrapping it in delimiters or providing instructions to the agent to treat the output as untrusted data.
- Capability inventory: The skill can execute local binaries and perform file read/write operations within the user's environment.
- Sanitization: Absent. The extraction process mirrors the PDF layout exactly without filtering or escaping content that might contain instructions.
Audit Metadata