Skills
skills/somarkai/skills/somark-document-parser/Gen Agent Trust Hub

somark-document-parser

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill communicates with the vendor's API at https://somark.tech to perform document parsing tasks.
  • [DATA_EXFILTRATION]: Document content and the SOMARK_API_KEY are transmitted to the SoMark API (https://somark.tech/api/v1/parse/async) for processing. This is the core intended functionality of the skill, and the instructions explicitly advise the user to keep the API key in environment variables rather than sharing it in the chat.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external files, which presents a surface for indirect prompt injection. However, SKILL.md includes robust safety instructions directing the agent to treat parsed content solely as data and to ignore any embedded instructions, role-play attempts, or jailbreak patterns found within the documents.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 09:25 AM