Back to skill

Security audit

Links to PDFs

Security checks across malware telemetry and agentic risk

Overview

This skill appears aimed at turning links into PDFs, but it uses sensitive login/session access and a background process without enough clarity about storage, retention, and cleanup behavior.

Review before installing. Use this only on a machine where storing web-session cookies and generated PDFs is acceptable, avoid shared systems, verify the npm package source, and look for a documented logout/profile purge and retention-control path before providing credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly supports authentication flows, passwords, and session persistence via profiles, but it does not clearly disclose where credentials, cookies, or session artifacts may be stored, for how long, or with what protections. In a scraping tool that handles protected documents, this omission can lead users to unknowingly leave sensitive authentication material on disk, increasing the risk of credential theft or unauthorized reuse from the local machine.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The README states that the daemon automatically cleans up files older than 1 hour, but it does not prominently warn users that generated PDFs may be deleted automatically. Because these PDFs may contain sensitive or business-critical scraped content, silent retention and deletion behavior can cause unexpected data loss or interfere with audit/archive expectations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.