pdf-to-text

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches a platform-specific binary from the developer's official CDN (agent-cdn.nutrient.io). This process handles initial installation and periodic updates of the conversion engine.
  • [COMMAND_EXECUTION]: Executes the downloaded binary to perform PDF text extraction. The script also performs local filesystem operations such as creating symlinks and managing files within the user's home directory (~/.local/share/nutrient).
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface when processing untrusted PDF files.
  • Ingestion points: Content is read from PDF files provided as input to the conversion tool.
  • Boundary markers: Absent. The skill extracts raw text without wrapping it in delimiters or providing instructions to the agent to treat the output as untrusted data.
  • Capability inventory: The skill can execute local binaries and perform file read/write operations within the user's environment.
  • Sanitization: Absent. The extraction process mirrors the PDF layout exactly without filtering or escaping content that might contain instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 03:33 PM
Security Audit — agent-trust-hub — pdf-to-text