File Converter

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal file-conversion skill, with the main risk being ordinary file reads and output writes that users should scope carefully.

Install only if you are comfortable letting the agent read the files you name and write converted copies to disk. Before running it, specify the exact input files, output format, destination folder, and whether overwriting existing files is allowed; use a separate output folder for sensitive or batch conversions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill clearly directs the agent to read input files and write converted outputs, but it does not declare those permissions. Undeclared file read/write capability weakens user and platform visibility into what the skill can access and modify, which is especially relevant for batch operations that may touch many files.

Tp4

High
Category
MCP Tool Poisoning
Confidence
84% confidence
Finding
A description-behavior mismatch is a real security concern because users and orchestration systems may authorize the skill for simple format conversion while the underlying tooling can perform broader filesystem-affecting document and image operations. That expands the effective attack surface and can lead to unexpected file generation, content extraction, metadata inspection, or transformations beyond what the user believed they were enabling.

Vague Triggers

Medium
Confidence
71% confidence
Finding
The activation guidance uses broad examples like 'convert this PDF' or 'turn this into PDF,' which can cause the skill to trigger on generic requests without sufficient scoping of source, destination, overwrite behavior, or file set. In an agent setting, overbroad triggering increases the chance of unintended file processing or batch actions on local content the user did not mean to transform.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill omits a clear warning that conversions and batch operations write files to disk and may overwrite existing outputs or create many artifacts. That matters because users may treat the skill as informational or reversible, when in fact it performs persistent filesystem changes that can cause data loss, clutter, or accidental exposure of converted copies.

VirusTotal

67/67 vendors flagged this skill as clean.
