{"slug":"jonaslejon-malicious-pdf","name":"Malicious Pdf","description":"💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh","long_description":"💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh\n\nImported by the skill-only GitHub discovery pipeline because it matches agent skill, automation, domain workflow, RAG, document-processing, data, finance, security, or developer-tool signals. Protocol-server projects are excluded from automated imports.","tagline":"💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh","category":"document-processing","tags":["pdf","documents","extraction","bugbounty","bugbounty-tool","pdf-generation","penetration-test","penetration-testing","penetrationtesting","pentesting"],"author":"jonaslejon","verified":true,"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"jonaslejon/malicious-pdf","creatorName":"jonaslejon","creatorUrl":"https://github.com/jonaslejon","sourceUrl":"https://github.com/jonaslejon/malicious-pdf","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":4080,"forks":536,"downloads":0,"rating":0,"review_count":0,"quality_score":66.98},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"4.1K","tone":"positive"},{"label":"Freshness","value":"29d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"BSD-2-Clause","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v5","score":82,"base_score":88,"outcome_confidence":0,"tier":"strong","label":"Review then install","summary":"Good shortlist signal, but the agent should review audit notes, install policy, and outcome evidence before running it.","recommendedAction":"Use as the primary candidate after human or sandbox review.","decision":{"install_policy":"agent_install_candidate","auto_install_allowed":false,"human_review_required":true,"sandbox_first":true,"agent_action":"Ask for approval or run a sandbox-only trial before installing.","reasoning":["82/100 Trust Score v5","88/100 Trust Score v4 baseline","Needs more real agent outcomes before unattended install","Install path is available","Review before production"],"review_required_when":["The workspace contains production secrets, payments, private customer data, or irreversible actions.","The install command requests shell, network, credential, database, or broad filesystem access.","Outcome evidence is missing, recently failed, or required human review.","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"]},"dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":86,"weight":0.13,"status":"pass","detail":"4.1K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":83,"weight":0.08,"status":"pass","detail":"4.1K stars, 536 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"29d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"BSD-2-Clause"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":72,"weight":0.12,"status":"info","detail":"credential or environment access"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add jonaslejon/malicious-pdf"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":60,"weight":0.07,"status":"warn","detail":"secrets or environment access, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/jonaslejon/malicious-pdf"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"4.1K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"4.1K stars, 536 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"29d since push"},{"status":"pass","label":"License clarity","detail":"BSD-2-Clause"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"credential or environment access"},{"status":"pass","label":"Install availability","detail":"npx skills add jonaslejon/malicious-pdf"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"warn","label":"Permission surface","detail":"secrets or environment access, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/jonaslejon/malicious-pdf"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"pass","label":"OpenAgentSkill usage","detail":"4 views, 0 install copies"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern","Outcome loop is ready but needs first real agent run"],"warnings":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access","No real agent outcome reports yet","Human review required before unattended installation"],"evidence":{"stars":"4.1K GitHub stars","repoActivity":"4.1K stars, 536 forks","lastPushed":"29d since push","license":"BSD-2-Clause","repository":"https://github.com/jonaslejon/malicious-pdf","install":"npx skills add jonaslejon/malicious-pdf","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet","agentProvenScore":0,"outcomeConfidence":"0%","installPolicy":"agent_install_candidate"},"installReadiness":{"ready":true,"command":"npx skills add jonaslejon/malicious-pdf","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","29d since push","Trust Score v5 requires review or sandbox-only use before install."]},"agentCompatibility":["Python","PDF","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Ask for approval or run a sandbox-only trial before installing."},"outcome_loop":{"version":"openagentskill-agent-outcome-v3","required_after_install":true,"endpoint":"/api/agent/outcome","method":"POST","event_id_source":"feedback.event_id, install_receipt.resolve_event_id, or decision_packet.outcome_feedback.event_id","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"required_fields":["event_id","skill_slug","task"],"quality_fields":["task_success","output_quality","error_type","human_review_required","used_in_production","workspace","evidence_url","time_to_useful_ms"],"ranking_inputs_updated":["Trust Score v5 outcome confidence","Agent Proven Score","Resolve ranking task-fit evidence","Skill detail machine-readable metadata","Outcome leaderboard"]},"agent_contract":{"suited_tasks":["document-processing","pdf","documents","extraction","bugbounty","bugbounty-tool"],"suited_agents":["Python","PDF","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"install_command":"npx skills add jonaslejon/malicious-pdf","trust_score":82,"trust_version":"trust-score-v5","risk_level":"medium","do_not_use_when":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"before_install":["Read the audit page and machine-readable metadata.","Confirm the install command, license, and permission surface fit the workspace.","Get explicit human approval or choose an alternative before installing."],"after_run":["Report the outcome to /api/agent/outcome using the resolve event id.","Include output_quality, workspace, human_review_required, and evidence_url when available.","Re-resolve before broad production rollout."]},"bestFor":["document-processing","pdf","documents","extraction","bugbounty","bugbounty-tool"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"],"backward_compatible":{"trust_score_v4":{"version":"trust-score-v4","score":88,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability."}}},"trust_score_v5":{"version":"trust-score-v5","score":82,"base_score":88,"outcome_confidence":0,"tier":"strong","label":"Review then install","summary":"Good shortlist signal, but the agent should review audit notes, install policy, and outcome evidence before running it.","recommendedAction":"Use as the primary candidate after human or sandbox review.","decision":{"install_policy":"agent_install_candidate","auto_install_allowed":false,"human_review_required":true,"sandbox_first":true,"agent_action":"Ask for approval or run a sandbox-only trial before installing.","reasoning":["82/100 Trust Score v5","88/100 Trust Score v4 baseline","Needs more real agent outcomes before unattended install","Install path is available","Review before production"],"review_required_when":["The workspace contains production secrets, payments, private customer data, or irreversible actions.","The install command requests shell, network, credential, database, or broad filesystem access.","Outcome evidence is missing, recently failed, or required human review.","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"]},"dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":86,"weight":0.13,"status":"pass","detail":"4.1K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":83,"weight":0.08,"status":"pass","detail":"4.1K stars, 536 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"29d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"BSD-2-Clause"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":72,"weight":0.12,"status":"info","detail":"credential or environment access"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add jonaslejon/malicious-pdf"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":60,"weight":0.07,"status":"warn","detail":"secrets or environment access, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/jonaslejon/malicious-pdf"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"4.1K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"4.1K stars, 536 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"29d since push"},{"status":"pass","label":"License clarity","detail":"BSD-2-Clause"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"credential or environment access"},{"status":"pass","label":"Install availability","detail":"npx skills add jonaslejon/malicious-pdf"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"warn","label":"Permission surface","detail":"secrets or environment access, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/jonaslejon/malicious-pdf"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"pass","label":"OpenAgentSkill usage","detail":"4 views, 0 install copies"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern","Outcome loop is ready but needs first real agent run"],"warnings":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access","No real agent outcome reports yet","Human review required before unattended installation"],"evidence":{"stars":"4.1K GitHub stars","repoActivity":"4.1K stars, 536 forks","lastPushed":"29d since push","license":"BSD-2-Clause","repository":"https://github.com/jonaslejon/malicious-pdf","install":"npx skills add jonaslejon/malicious-pdf","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet","agentProvenScore":0,"outcomeConfidence":"0%","installPolicy":"agent_install_candidate"},"installReadiness":{"ready":true,"command":"npx skills add jonaslejon/malicious-pdf","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","29d since push","Trust Score v5 requires review or sandbox-only use before install."]},"agentCompatibility":["Python","PDF","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Ask for approval or run a sandbox-only trial before installing."},"outcome_loop":{"version":"openagentskill-agent-outcome-v3","required_after_install":true,"endpoint":"/api/agent/outcome","method":"POST","event_id_source":"feedback.event_id, install_receipt.resolve_event_id, or decision_packet.outcome_feedback.event_id","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"required_fields":["event_id","skill_slug","task"],"quality_fields":["task_success","output_quality","error_type","human_review_required","used_in_production","workspace","evidence_url","time_to_useful_ms"],"ranking_inputs_updated":["Trust Score v5 outcome confidence","Agent Proven Score","Resolve ranking task-fit evidence","Skill detail machine-readable metadata","Outcome leaderboard"]},"agent_contract":{"suited_tasks":["document-processing","pdf","documents","extraction","bugbounty","bugbounty-tool"],"suited_agents":["Python","PDF","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"install_command":"npx skills add jonaslejon/malicious-pdf","trust_score":82,"trust_version":"trust-score-v5","risk_level":"medium","do_not_use_when":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"before_install":["Read the audit page and machine-readable metadata.","Confirm the install command, license, and permission surface fit the workspace.","Get explicit human approval or choose an alternative before installing."],"after_run":["Report the outcome to /api/agent/outcome using the resolve event id.","Include output_quality, workspace, human_review_required, and evidence_url when available.","Re-resolve before broad production rollout."]},"bestFor":["document-processing","pdf","documents","extraction","bugbounty","bugbounty-tool"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"],"backward_compatible":{"trust_score_v4":{"version":"trust-score-v4","score":88,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability."}}},"trust_score_v4":{"version":"trust-score-v4","score":88,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":86,"weight":0.13,"status":"pass","detail":"4.1K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":83,"weight":0.08,"status":"pass","detail":"4.1K stars, 536 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"29d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"BSD-2-Clause"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":72,"weight":0.12,"status":"info","detail":"credential or environment access"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add jonaslejon/malicious-pdf"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":60,"weight":0.07,"status":"warn","detail":"secrets or environment access, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/jonaslejon/malicious-pdf"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"4.1K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"4.1K stars, 536 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"29d since push"},{"status":"pass","label":"License clarity","detail":"BSD-2-Clause"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"credential or environment access"},{"status":"pass","label":"Install availability","detail":"npx skills add jonaslejon/malicious-pdf"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"warn","label":"Permission surface","detail":"secrets or environment access, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/jonaslejon/malicious-pdf"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"pass","label":"OpenAgentSkill usage","detail":"4 views, 0 install copies"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Meaningful GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"],"evidence":{"stars":"4.1K GitHub stars","repoActivity":"4.1K stars, 536 forks","lastPushed":"29d since push","license":"BSD-2-Clause","repository":"https://github.com/jonaslejon/malicious-pdf","install":"npx skills add jonaslejon/malicious-pdf","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add jonaslejon/malicious-pdf","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","29d since push"]},"agentCompatibility":["Python","PDF","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["document-processing","pdf","documents","extraction","bugbounty","bugbounty-tool"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"outcome_stats":null,"safety":{"score":65,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","summary":"Usable candidate, but the agent should surface permission and audit notes before installation.","recommended_action":"Require human approval before installing into a real workspace.","auto_install_policy":"review","reasons":["High-risk permission hints: Secrets or environment access","65/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"},{"id":"secrets","label":"Secrets or environment access","reason":"Skill metadata references credentials, tokens, environment variables, or secret-bearing workflows.","severity":"high"}],"policy_warnings":["High-risk permission hints: Secrets or environment access","Permission surface may require sandboxing"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"blocked":false,"human_review_required":true,"recommended_action":"Require human approval before installing into a real workspace.","reasons":["High-risk permission hints: Secrets or environment access","65/100 agent safety score"]},"eval":{"version":"openagentskill-skill-eval-v1","status":"review","score":86,"risk_level":"medium","decision":{"recommendation":"manual_review","reason":"Require human approval before installing into a real workspace.","auto_install_allowed":false,"policy":"review","human_review_required":true},"blockers":[],"warnings":["Agent safety gate: Usable candidate, but the agent should surface permission and audit notes before installation.","Permission surface: secrets or environment access, filesystem or document access","High-risk permission hints: Secrets or environment access","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access"],"validation_plan":["Inspect repository, README/SKILL.md, license, and recent commits before production use.","Install in an isolated workspace or sandbox with no production secrets available.","Run the smallest representative task and record files touched, commands run, network access, and outputs.","Compare the selected skill against at least one alternative when the eval status is review or failed.","Promote only after the agent reports a successful verification result and unresolved warnings are accepted."],"checks":[{"id":"task_fit","label":"Task fit","status":"pass","score":84,"required_for_auto_install":true,"detail":"Task wording matches this skill metadata.","evidence":["Evaluate Malicious Pdf before installing it in an agent workflow","document-processing","Document processing workflows; Claude Code teams; teams that value GitHub adoption signals"]},{"id":"install_path","label":"Install path","status":"pass","score":92,"required_for_auto_install":true,"detail":"Install handoff is available.","evidence":["npx skills add jonaslejon/malicious-pdf"]},{"id":"install_safety","label":"Install command safety","status":"pass","score":92,"required_for_auto_install":true,"detail":"standard package or runtime install path","evidence":["npx skills add jonaslejon/malicious-pdf"]},{"id":"trust_score","label":"Trust score","status":"pass","score":88,"required_for_auto_install":true,"detail":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","evidence":["Production candidate","4.1K GitHub stars","BSD-2-Clause"]},{"id":"audit_score","label":"Audit score","status":"pass","score":93,"required_for_auto_install":true,"detail":"Safe to try","evidence":["Permission surface may require sandboxing"]},{"id":"agent_safety_gate","label":"Agent safety gate","status":"warn","score":65,"required_for_auto_install":true,"detail":"Usable candidate, but the agent should surface permission and audit notes before installation.","evidence":["Require human approval before installing into a real workspace.","High-risk permission hints: Secrets or environment access"]},{"id":"readme_skillmd_completeness","label":"README/SKILL.md completeness","status":"pass","score":90,"required_for_auto_install":false,"detail":"Metadata includes enough usage and workflow context","evidence":["Strong README/SKILL.md context"]},{"id":"license_clarity","label":"License clarity","status":"pass","score":86,"required_for_auto_install":true,"detail":"BSD-2-Clause","evidence":["BSD-2-Clause"]},{"id":"recent_maintenance","label":"Recent maintenance","status":"pass","score":100,"required_for_auto_install":false,"detail":"29d since push","evidence":["29d since push"]},{"id":"permission_surface","label":"Permission surface","status":"warn","score":60,"required_for_auto_install":true,"detail":"secrets or environment access, filesystem or document access","evidence":["Network access: medium","Filesystem access: medium","Secrets or environment access: high"]},{"id":"alternatives","label":"Alternatives available","status":"info","score":55,"required_for_auto_install":false,"detail":"No close alternatives were found in the current shortlist.","evidence":[]}],"endpoints":{"web":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf/evals","api":"/api/agent/evals?slug=jonaslejon-malicious-pdf","text":"/api/agent/evals?slug=jonaslejon-malicious-pdf&format=text"}},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"jonaslejon-malicious-pdf","name":"Malicious Pdf","description":"💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh","category":"document-processing","url":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf","repository":"https://github.com/jonaslejon/malicious-pdf","github_repo":"jonaslejon/malicious-pdf"},"suited_tasks":["Document processing workflows","Claude Code teams","teams that value GitHub adoption signals","Read uploaded files","Extract structured fields","Prepare clean context for downstream agents","Run test suites","Capture failures"],"suited_agents":["Python","PDF","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add jonaslejon/malicious-pdf","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add jonaslejon/malicious-pdf"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Malicious Pdf\" agent skill from https://github.com/jonaslejon/malicious-pdf. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Malicious Pdf\" as a Claude Code skill from https://github.com/jonaslejon/malicious-pdf. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Malicious Pdf\" from https://github.com/jonaslejon/malicious-pdf into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh"}],"handoff_url":"https://www.openagentskill.com/api/skills/jonaslejon-malicious-pdf/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/jonaslejon-malicious-pdf"},"trust":{"score":88,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"4.1K GitHub stars","repoActivity":"4.1K stars, 536 forks","lastPushed":"29d since push","license":"BSD-2-Clause","repository":"https://github.com/jonaslejon/malicious-pdf","install":"npx skills add jonaslejon/malicious-pdf","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["document-processing","pdf","documents","extraction","bugbounty","bugbounty-tool"],"known_risks":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Testing and QA","maintenance":"29d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No major risk signals from current metadata","High-risk permission hints: Secrets or environment access","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access","Production credentials, payments, or irreversible account changes without explicit human review"],"agent_contract":{"task_input":"Use Malicious Pdf in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 88/100 Production candidate","Audit: 93/100 Safe to try","Safety: 65/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"jonaslejon-malicious-pdf (Malicious Pdf)","install_command":"npx skills add jonaslejon/malicious-pdf","risk_summary":"Safe to try; Reviewed with permission notes; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"jonaslejon-malicious-pdf","task":"Use Malicious Pdf in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf","api":"https://www.openagentskill.com/api/agent/skills/jonaslejon-malicious-pdf","audit":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=jonaslejon-malicious-pdf&task=Use%20Malicious%20Pdf%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Malicious%20Pdf%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Malicious%20Pdf%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/jonaslejon-malicious-pdf/install","manifest":"https://www.openagentskill.com/api/registry/manifest/jonaslejon-malicious-pdf"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"jonaslejon-malicious-pdf","name":"Malicious Pdf","description":"💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh","category":"document-processing","url":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf","repository":"https://github.com/jonaslejon/malicious-pdf","github_repo":"jonaslejon/malicious-pdf"},"suited_tasks":["Document processing workflows","Claude Code teams","teams that value GitHub adoption signals","Read uploaded files","Extract structured fields","Prepare clean context for downstream agents","Run test suites","Capture failures"],"suited_agents":["Python","PDF","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add jonaslejon/malicious-pdf","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add jonaslejon/malicious-pdf"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Malicious Pdf\" agent skill from https://github.com/jonaslejon/malicious-pdf. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Malicious Pdf\" as a Claude Code skill from https://github.com/jonaslejon/malicious-pdf. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Malicious Pdf\" from https://github.com/jonaslejon/malicious-pdf into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh"}],"handoff_url":"https://www.openagentskill.com/api/skills/jonaslejon-malicious-pdf/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/jonaslejon-malicious-pdf"},"trust":{"score":88,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"4.1K GitHub stars","repoActivity":"4.1K stars, 536 forks","lastPushed":"29d since push","license":"BSD-2-Clause","repository":"https://github.com/jonaslejon/malicious-pdf","install":"npx skills add jonaslejon/malicious-pdf","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["document-processing","pdf","documents","extraction","bugbounty","bugbounty-tool"],"known_risks":["Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Testing and QA","maintenance":"29d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No major risk signals from current metadata","High-risk permission hints: Secrets or environment access","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access","Production credentials, payments, or irreversible account changes without explicit human review"],"agent_contract":{"task_input":"Use Malicious Pdf in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 88/100 Production candidate","Audit: 93/100 Safe to try","Safety: 65/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"jonaslejon-malicious-pdf (Malicious Pdf)","install_command":"npx skills add jonaslejon/malicious-pdf","risk_summary":"Safe to try; Reviewed with permission notes; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"jonaslejon-malicious-pdf","task":"Use Malicious Pdf in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf","api":"https://www.openagentskill.com/api/agent/skills/jonaslejon-malicious-pdf","audit":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=jonaslejon-malicious-pdf&task=Use%20Malicious%20Pdf%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Malicious%20Pdf%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Malicious%20Pdf%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/jonaslejon-malicious-pdf/install","manifest":"https://www.openagentskill.com/api/registry/manifest/jonaslejon-malicious-pdf"}},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Testing and QA","description":"I need my agent to test a web app, reproduce bugs, and verify fixes.","useCases":[{"slug":"document-processing","title":"Document processing"},{"slug":"testing-qa","title":"Testing and QA"},{"slug":"coding-agents","title":"Coding agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Python"],"install":{"ready":true,"command":"npx skills add jonaslejon/malicious-pdf","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":4080,"starsLabel":"4.1K","forks":536,"license":"BSD-2-Clause","qualityScore":100,"trustScore":88,"auditScore":93},"maintenance":{"status":"fresh","label":"29d since push","daysSincePush":29,"lastPushedAt":"2026-06-04T11:56:10+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"coverageTags":["Coding","Testing and QA","document-processing","pdf","documents","extraction","bugbounty","bugbounty-tool"]},"audit":{"audit_score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","quality_score":100,"trust_score":88,"maintenance_score":100,"security_score":84,"install_score":92,"warnings":["Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, filesystem or document access","Permission surface: secrets or environment access, filesystem or document access"]},"quality_signals":{"model":"v1","star_score":25.28,"usage_score":0,"review_score":11.7,"metadata_score":15,"freshness_score":15},"platforms":["Python","PDF","Claude Code"],"use_cases":[{"slug":"document-processing","title":"Document processing","url":"https://www.openagentskill.com/use-cases/document-processing"},{"slug":"testing-qa","title":"Testing and QA","url":"https://www.openagentskill.com/use-cases/testing-qa"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"}],"stacks":[{"slug":"coding-review-agent","title":"Coding review agent","url":"https://www.openagentskill.com/collections/coding-review-agent"},{"slug":"rag-knowledge-base","title":"RAG knowledge base","url":"https://www.openagentskill.com/collections/rag-knowledge-base"},{"slug":"content-growth-agent","title":"Content growth agent","url":"https://www.openagentskill.com/collections/content-growth-agent"}],"install":"npx skills add jonaslejon/malicious-pdf","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add jonaslejon/malicious-pdf","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Malicious Pdf\" agent skill from https://github.com/jonaslejon/malicious-pdf. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Malicious Pdf\" as a Claude Code skill from https://github.com/jonaslejon/malicious-pdf. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Malicious Pdf\" from https://github.com/jonaslejon/malicious-pdf into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: 💀 Generate malicious PDF test files for testing phone-home callbacks, SSRF, XSS, NTLM credential theft, and data exfiltration in PDF viewers, converters, and web applications. Can be used with Burp Collaborator or Interact.sh","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/jonaslejon/malicious-pdf","github_repo":"jonaslejon/malicious-pdf","version":"1.0.0","license":"BSD-2-Clause","urls":{"web":"https://www.openagentskill.com/skills/jonaslejon-malicious-pdf","repository":"https://github.com/jonaslejon/malicious-pdf","api":"/api/agent/skills/jonaslejon-malicious-pdf","install_api":"/api/skills/jonaslejon-malicious-pdf/install"},"meta":{"created_at":"2026-06-05T12:02:00.590967+00:00","updated_at":"2026-06-20T03:02:11.532006+00:00","agent_friendly":true}}