pdf-documents
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of AI models (approx. 1-2 GB) from HuggingFace, a well-known and trusted service, for local document layout and table analysis. This is a one-time operation during the first use of the reading tools.- [COMMAND_EXECUTION]: The provided
setup_env.shscript automates environment configuration by creating a Python virtual environment and installing necessary libraries. This is a standard and safe practice for local tool development.- [REMOTE_CODE_EXECUTION]: Documentation and error logs within the skill suggest installing theuvtool via a piped shell command fromastral.sh. While this pattern is often flagged,astral.shis a well-known technology service, and the command is not executed automatically by the skill's primary scripts.- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests and processes content from untrusted PDF files (viaread_pdf.pyandinspect_pdf.py) which are then converted to text/markdown for agent consumption. There are currently no explicit boundary markers or sanitization steps to isolate document content from agent instructions, though capabilities are limited to local file operations and report generation. Ingestion points:read_pdf.pyandinspect_pdf.py. Boundary markers: Absent. Capability inventory: File creation viawrite_pdf.pyand image extraction. Sanitization: Absent.- [SAFE]: No malicious behaviors such as credential theft, data exfiltration to unknown domains, or persistence mechanisms were discovered. All document processing is handled locally.
Audit Metadata