LiteParse

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local document-parsing skill, with a notable disclosure caveat that OCR may download language data despite offline wording.

Before installing, verify the @llamaindex/liteparse npm package source, use explicit file and output paths, and avoid broad private folders unless intended. For strict offline use, run with --no-ocr or preinstall/cache OCR language data before processing sensitive documents.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Description-Behavior Mismatch

Medium

Confidence: 93% confidence
Finding: The skill metadata claims it 'Runs entirely offline,' but the body later states OCR downloads language data on first run. This mismatch can mislead users or downstream agents into assuming no network access will occur, creating privacy, policy-compliance, and unexpected egress risks when processing sensitive documents.

Intent-Code Divergence

Medium

Confidence: 91% confidence
Finding: The statement 'Zero cloud dependencies' is not equivalent to 'no network activity,' and the nearby offline messaging conflicts with documented OCR downloads. In a security-sensitive environment, this ambiguity can cause unauthorized outbound connections or incorrect trust decisions about handling confidential files.

Vague Triggers

Medium

Confidence: 78% confidence
Finding: The trigger language is very broad, covering essentially any request to read or extract content from a file. Overbroad activation can cause the skill to run in situations the user did not specifically intend, increasing the chance of processing sensitive local documents or invoking tooling with unnecessary file access.

Missing User Warnings

Low

Confidence: 85% confidence
Finding: The documentation mentions OCR download behavior, but the warning is not prominent or paired with the strong offline claims. Users may miss the first-run network requirement and unknowingly allow network access while processing documents they believed would remain strictly local.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal