Back to skill

Security audit

Office Toolkit

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Office/PDF document helper with disclosed local tooling, but its dependency metadata is incomplete.

Install only if you are comfortable letting the agent process local Office/PDF files and run local document tools. For untrusted documents, use a sandbox or controlled environment, and verify that pandoc, LibreOffice/soffice, and the listed Python libraries are installed because the manifest does not declare all of them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The metadata is inconsistent: the skill description states that pandoc and LibreOffice are required for validation, while the manifest declares no binary dependencies. This can cause deployment and review systems to misclassify the runtime requirements, leading operators to install or permit undeclared external tools without proper scrutiny, which weakens supply-chain review and sandbox policy enforcement.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.