mineru-pdf-parser
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/mineru_parse.pyusesos.system()to install dependencies (uv,mineru) and download models. These calls use hardcoded strings and require the user to explicitly pass the--installflag. - [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
mineruanduvpackages from the Python Package Index (PyPI), which is a well-known package registry. - [PROMPT_INJECTION]: The skill identifies as an attack surface for indirect prompt injection (Category 8) as it processes potentially untrusted external data.
- Ingestion points: External PDF files are ingested through the
mineru.parse()method inscripts/mineru_parse.py. - Boundary markers: The output Markdown does not use explicit delimiters or instructions to ignore embedded commands from the source PDF.
- Capability inventory: The skill possesses capabilities for file system writes (saving results) and shell command execution (via the install function).
- Sanitization: No content validation or sanitization is performed on the text extracted from the PDF before it is interpolated into the agent's context.
Audit Metadata