Back to skill

Security audit

Paper Bilingual

Security checks across malware telemetry and agentic risk

Overview

This skill coherently converts user-provided PDFs into bilingual Markdown, with expected local processing, optional URL download, LLM translation, and saved output.

Install this only if you are comfortable downloading or reading the chosen PDF, sending its extracted text through the active LLM session for translation, and storing the bilingual Markdown and figures under memory/paper-bilingual. Avoid confidential, regulated, or unpublished documents unless that handling matches your policies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to fetch a remote PDF via URL and write both the downloaded file and derived artifacts to local storage, but it does not require informing the user that a network request and filesystem writes will occur. This creates a transparency and consent problem: users may provide sensitive URLs or local paths without realizing the skill will persist content under memory/, potentially retaining copyrighted, private, or sensitive documents and extracted images.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill says to use the current-session LLM to translate the paper paragraph by paragraph, but it does not tell the user that document contents will be sent to a model for processing. If the PDF contains unpublished research, proprietary material, personal data, or regulated content, this can lead to unintended disclosure to model infrastructure or logs.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.