Skills
skills/vibeeval/vibecosystem/minimax-pdf/Gen Agent Trust Hub

minimax-pdf

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches necessary functional dependencies from established repositories. This includes reportlab, pypdf, and matplotlib from PyPI, and playwright from NPM. It also retrieves typography assets from Google Fonts (fonts.googleapis.com) at runtime via CSS imports.
  • [COMMAND_EXECUTION]: Automated shell commands are used for environment configuration and rendering components.
  • Scripts such as scripts/make.sh, scripts/render_body.py, and scripts/reformat_parse.py utilize subprocess.check_call to install Python packages via pip if they are missing from the system.
  • scripts/render_cover.js executes npx playwright install chromium to ensure the required headless browser is available for the PDF generation pipeline.
  • [SAFE]: The skill ingests data from external sources such as Markdown, PDF, and JSON files to perform its primary function of document reformatting. Analysis shows that these inputs are parsed into a local structured schema for rendering, rather than being interpreted as instructions for the agent, which mitigates indirect prompt injection risks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 07:46 AM
Security Audit — agent-trust-hub — minimax-pdf