ClawHub

Merge PDF

Security checks across malware telemetry and agentic risk

Overview

This PDF merge skill is purpose-aligned but sends selected PDFs to a third-party API, so users should avoid sensitive documents unless they trust that provider.

Install only if you are comfortable sending the PDFs you choose to Cross-Service-Solutions for processing. Do not use it for confidential, regulated, legal, financial, or proprietary documents unless you have reviewed the provider's privacy, retention, and compliance terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly instructs users to upload their PDFs to an external third-party service but provides no privacy, retention, consent, or data-handling warning. Because PDFs commonly contain sensitive personal, legal, financial, or proprietary information, omitting this disclosure can cause users to unknowingly transmit confidential data outside the local environment.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends user-provided PDF contents to an external third-party service, but the description does not clearly warn users that their documents will leave the local agent environment. This can lead to unintentional disclosure of sensitive document contents, especially if users assume processing is local or first-party.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script uploads user-supplied PDFs to a third-party remote service, but the skill description and code do not provide any explicit disclosure, confirmation step, or warning that document contents leave the local system. In an agent-skill context, users may reasonably expect local processing, so silent off-system transmission can expose sensitive documents and metadata to an external provider.

External Transmission

Medium
Category
Data Exfiltration
Content
- Register / get key: https://login.cross-service-solutions.com/register

## How it works
1) Upload PDFs to `POST https://api.xss-cross-service-solutions.com/solutions/solutions/api/30`
2) Poll `GET https://api.xss-cross-service-solutions.com/solutions/solutions/api/<job_id>` until done
3) Return `output.files[0].path` as the download URL
Confidence
92% confidence
Finding
https://api.xss-cross-service-solutions.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## How it works
1) Upload PDFs to `POST https://api.xss-cross-service-solutions.com/solutions/solutions/api/30`
2) Poll `GET https://api.xss-cross-service-solutions.com/solutions/solutions/api/<job_id>` until done
3) Return `output.files[0].path` as the download URL

## Script (CLI)
Confidence
88% confidence
Finding
https://api.xss-cross-service-solutions.com/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal