PDF.co

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed PDF.co integration through Maton, with expected API-key use and external document processing but no hidden or deceptive behavior found.

Install this only if you trust Maton and PDF.co to process the documents you submit. Keep MATON_API_KEY private, avoid using sensitive or regulated documents unless third-party processing is allowed, and review the target file, selected connection, and intended effect before approving edits, password changes, parsing, or connection deletion.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 84% confidence
Finding: The manifest and high-level scope understate the actual capabilities exposed by the skill by omitting barcode generation and barcode reading endpoints. This can mislead users and policy layers about what the skill can do, reducing informed consent and weakening permission/scope review for data-processing actions.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill processes PDFs, URLs, invoice contents, extracted text, and other document data via external services, but the description does not clearly warn users that their content is transmitted off-platform to Maton/PDF.co. This creates a meaningful transparency and privacy risk, especially for sensitive or regulated documents.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal