glmv-doc-based-writing
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill mentions the installation of `PyMuPDF` via `pip` to support processing local PDF files. This is a well-known and widely used library for PDF manipulation.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from external URLs and local documents provided by the user. This creates an indirect prompt injection surface where instructions embedded in documents could attempt to influence the model's output. However, the risk is mitigated by the skill's specific system prompt which defines clear writing protocols and constraints.
  - Ingestion points: The `--files` parameter in `scripts/doc_based_writing.py` accepts URLs and local paths.
  - Boundary markers: The user prompt is structured with a clear template, though document contents are passed as multimodal inputs (file/image URLs) to the API.
  - Capability inventory: The script can read local files, make network requests to the ZhiPu API, and write output to a local file.
  - Sanitization: Standard for this type of skill; the model's own safety filters are the primary defense.
- [COMMAND_EXECUTION]: The skill operates by executing a Python script (`scripts/doc_based_writing.py`) to perform its tasks, which is the intended functionality.
Audit Metadata