Pdf Batch Tool

Security checks across malware telemetry and agentic risk

Overview

This is a small PDF utility skill that works on user-chosen files and does not show hidden access, credentials, persistence, or data exfiltration.

Install only if you are comfortable letting the agent process the PDFs and output locations you specify. Keep originals, use distinct output filenames or folders, avoid confidential PDFs unless your local setup is appropriate, and verify any PDF libraries installed separately.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill describes merge, split, watermark, compress, and text-extraction operations that read from and write to user-specified paths, but it provides no warnings about overwriting existing files, destructive modifications, or the need to verify output paths before execution. In an agent setting, this omission can lead to accidental data loss or unintended modification of important PDFs because users may assume the operations are non-destructive or safely isolated.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal