ClawHub

Protect PDF with password

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends a chosen PDF and password to a named PDF-processing API and returns a protected-file download URL.

Install only if you trust Cross-Service-Solutions with the PDFs you process and with the chosen document password. Do not reuse account passwords as PDF passwords, keep the API key and returned download URL private, verify the base URL has not been overridden, and prefer local/offline PDF encryption for highly confidential documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The README explicitly instructs users to upload a PDF and the chosen password to a third-party remote API, but provides no warning about confidentiality, retention, logging, or trust boundaries. Because both the document and the secret used to protect it are transmitted off-host, this creates a meaningful data-exposure risk if the service, its operators, or intermediaries mishandle the content.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill handles highly sensitive inputs—a PDF and its protection password—but does not prominently warn users that both are transmitted to a third-party API. This can lead to inadvertent disclosure of confidential documents and secrets to an external service, especially if users assume processing is local.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script uploads both the PDF contents and the user-supplied password to a third-party remote API, but the interface and output do not clearly warn the user that sensitive document data and the protection password leave the local environment. This creates a real confidentiality risk, especially because users may assume password protection happens locally and may submit sensitive PDFs and passwords to an untrusted or misconfigured service.

External Transmission

Medium
Category
Data Exfiltration
Content
## How it works
1) Upload PDF + password to:
   `POST https://api.xss-cross-service-solutions.com/solutions/solutions/api/32`
2) Poll:
   `GET  https://api.xss-cross-service-solutions.com/solutions/solutions/api/<job_id>`
3) Return `output.files[0].path` as the download URL
Confidence
94% confidence
Finding
https://api.xss-cross-service-solutions.com/

External Transmission

Medium
Category
Data Exfiltration
Content
1) Upload PDF + password to:
   `POST https://api.xss-cross-service-solutions.com/solutions/solutions/api/32`
2) Poll:
   `GET  https://api.xss-cross-service-solutions.com/solutions/solutions/api/<job_id>`
3) Return `output.files[0].path` as the download URL

## Script (CLI)
Confidence
89% confidence
Finding
https://api.xss-cross-service-solutions.com/

External Transmission

Medium
Category
Data Exfiltration
Content
## API endpoints
Base URL:
- `https://api.xss-cross-service-solutions.com/solutions/solutions`

Create password-protect job:
- `POST /api/32`
Confidence
84% confidence
Finding
https://api.xss-cross-service-solutions.com/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal