
Security audit

试卷OCR重建助手 (Exam Paper OCR Reconstruction Assistant)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent exam-paper OCR helper, but users should be aware that the exam files they provide may be sent to external OCR/LLM services and that the results are written to local report files.

Install only if you are comfortable using OCR/LLM services for the exam materials you provide. Avoid uploading confidential student records, copyrighted tests, or regulated documents unless you have permission, and choose a dedicated output folder for generated images, JSON, HTML, and Markdown files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill directs the agent to generate local output files such as HTML, JSON, and Markdown, and references local scripts and output paths, but it does not declare permissions for file-writing behavior. Undeclared write capability weakens user consent and platform policy enforcement because the skill can create or overwrite files beyond what a user may reasonably expect.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly describes sending exam PDFs/images through OCR and LLM review workflows, including an external Tencent Docs OCR connector, but does not warn users that document contents are transmitted to third-party services. Because exam papers can contain confidential educational content or personal data, this omission creates a real privacy and data-handling risk through uninformed use; it is not merely a documentation issue.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The trigger list includes broad phrases like 'PDF试卷' (PDF exam paper), '试卷录入' (exam paper entry), and 'exam OCR', which may cause the skill to activate for generic document-handling requests without clear user intent. Overbroad activation can lead to unintended processing of sensitive educational materials and to accidental transmission to external services or unexpected local file generation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to send exam PDFs/images to Tencent Docs OCR and optionally create online documents, but it does not clearly disclose that document contents may be transmitted to a third-party service. This creates a data privacy risk, especially because exam papers may contain copyrighted material, answer keys, student information, or other sensitive educational content.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The document recommends sending exam page images and OCR content to external services such as Tencent Docs, Baidu AI, Alibaba Cloud, and DashScope, but it does not warn users that uploaded exam papers may contain sensitive student data, copyrighted test content, or regulated educational records. In a skill specifically designed for exam OCR and reconstruction, this omission increases the chance of unintentional privacy and data-handling violations.
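The five findings above are all derivable from the skill's own manifest text: hosts it sends content to, output files it writes without a declared permission, trigger phrases that are too generic, and the absence of any disclosure about third-party transmission. The following script is an added example written for this page and is not SkillSpector's code or the audited skill's code; it runs those four checks over two constructed manifests, one loosely modelled on the audited skill's description and one hardened form. The front-matter field names `triggers` and `permissions`, the permission token `filesystem:write`, and the keyword heuristics are assumptions made for the example.

```python
"""Added example (not SkillSpector's or the skill's code): a minimal static
audit of an agent-skill manifest for the finding classes reported above.
Assumed manifest conventions: YAML-style front matter with `triggers` and
`permissions` lists, and `filesystem:write` as the write-permission token."""
from __future__ import annotations

import json
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample manifest, loosely modelled on the audited skill's description.
SAMPLE_SKILL_MD = """\
---
name: exam-ocr-helper
triggers: ["PDF试卷", "试卷录入", "exam OCR"]
permissions: ["network"]
---
Send each page image to https://docs.qq.com/ OCR, then review with DashScope
(https://dashscope.aliyuncs.com). Save results to ./output/report.html,
./output/pages.json and ./output/summary.md.
"""

# Constructed hardened form: specific triggers, declared write permission, disclosure.
HARDENED_SKILL_MD = """\
---
name: exam-ocr-helper
triggers: ["reconstruct an exam paper PDF with OCR", "重建试卷OCR结果"]
permissions: ["network", "filesystem:write"]
---
Warning: page images are uploaded to https://docs.qq.com/ OCR.
Write the rebuilt paper to ./output/report.html.
"""

WRITE_PERMISSION = "filesystem:write"          # assumed permission token
EXTERNAL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)")
OUTPUT_PATH = re.compile(r"\.?/?[\w./-]+\.(?:html|json|md|png|jpg)\b")
DISCLOSURE_WORDS = ("warning", "uploaded", "third-party", "transmitted", "consent")
# Latin/digit runs or runs of CJK characters count as one token each.
TOKEN = re.compile(r"[a-z0-9]+|[\u4e00-\u9fff]+")


@dataclass
class Finding:
    category: str
    detail: str


def parse_front_matter(text: str) -> tuple[dict, str]:
    """Split a front-matter block from the body; supports only the flat
    `key: value` / `key: [json list]` subset this example needs."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---":
        return {}, text
    meta: dict = {}
    for i, line in enumerate(lines[1:], start=1):
        if line.strip() == "---":
            return meta, "\n".join(lines[i + 1:])
        key, _, value = line.partition(":")
        value = value.strip()
        meta[key.strip()] = json.loads(value) if value.startswith("[") else value
    return meta, ""


def trigger_tokens(trigger: str) -> list[str]:
    return TOKEN.findall(trigger.lower())


def audit(skill_md: str) -> list[Finding]:
    meta, body = parse_front_matter(skill_md)
    findings: list[Finding] = []
    # External transmission: every distinct host the body tells the agent to use.
    hosts = sorted(set(EXTERNAL_HOST.findall(body)))
    for host in hosts:
        findings.append(Finding("Data Exfiltration", f"content is sent to external host {host}"))
    # Missing user warning: external hosts used but no disclosure language anywhere.
    if hosts and not any(word in body.lower() for word in DISCLOSURE_WORDS):
        findings.append(Finding("Missing User Warnings", "external services used without disclosure"))
    # Least privilege: local output paths referenced but no write permission declared.
    paths = sorted(set(OUTPUT_PATH.findall(body)))
    if paths and WRITE_PERMISSION not in meta.get("permissions", []):
        findings.append(Finding("MCP Least Privilege",
                                f"writes {', '.join(paths)} without declaring {WRITE_PERMISSION}"))
    # Vague triggers: crude heuristic, fewer than three tokens is treated as generic.
    for trigger in meta.get("triggers", []):
        if len(trigger_tokens(trigger)) < 3:
            findings.append(Finding("Vague Triggers", f"trigger {trigger!r} is too generic"))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count findings per category, matching the audit page's grouping."""
    return dict(Counter(f.category for f in findings))


if __name__ == "__main__":
    for label, manifest in (("sample", SAMPLE_SKILL_MD), ("hardened", HARDENED_SKILL_MD)):
        print(label, summarize(audit(manifest)))
        for finding in audit(manifest):
            print("  ", finding.category, "-", finding.detail)
```

The hardened manifest still yields one Data Exfiltration finding, which is correct: the page images do leave the host, and the fix for that class is disclosure plus a dedicated output folder, not suppressing the finding. The heuristics are deliberately simple; a real analyzer would also resolve scripts the manifest references and check the permission model of the hosting platform.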

VirusTotal

65/65 vendors reported this skill as clean (no detections).


Static analysis

No suspicious patterns detected.