Pdf To Markdown

Security checks across malware telemetry and agentic risk

Overview

This local PDF converter mostly matches its purpose, but unsafe filename handling and retained document outputs make it worth reviewing before use.

Review before installing if you process confidential PDFs. Use simple trusted filenames and avoid untrusted or unusually named PDFs until path handling is fixed. Treat ~/.pdf-to-markdown as sensitive because it may contain converted text, JSON exports, config, and history logs; delete that directory when you no longer need the retained data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill persistently writes extracted PDF contents to Markdown files and exported JSON files under a user data directory, but the interface and help text do not clearly warn users that potentially sensitive document contents will be stored on disk. In a document-conversion skill, users may process confidential PDFs, so silent persistence increases the risk of unintended data retention and of later disclosure via backups, shared accounts, or local compromise.

Missing User Warnings

Low
Confidence: 88%
Finding
The _log function appends timestamps and user file paths/operations to a persistent history log without clearly notifying the user that metadata about processed documents is retained. Even if content is not logged, file names and paths can reveal sensitive information such as project names, clients, or document subjects.

VirusTotal

66/66 vendors flagged this skill as clean.
