Security audit
doc-extract-filter
Security checks across malware telemetry and agentic risk
Overview
This skill is a user-directed document text extraction and filtering tool with privacy and dependency cautions, but no hidden or deceptive behavior found.
Install only if you are comfortable letting the agent read documents you explicitly point it at. Use narrow input folders, choose an output directory you control, avoid merged batch output for sensitive collections, and update or pin PDF/OCR/image dependencies before processing untrusted files.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
