NEXUS Document Extract

Security checks across malware telemetry and agentic risk

Overview

This paid document-extraction skill appears legitimate, but users should review it because it can automatically send document text and payment credentials to a remote service without clearly scoped confirmation rules.

Install only if you are comfortable sending document contents to the NEXUS hosted service and enabling payment-backed requests. Require explicit confirmation before each use, avoid sensitive or regulated documents unless you trust the provider's retention and compliance terms, and keep NEXUS_PAYMENT_PROOF scoped and revocable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 84%
Finding: The README states the skill is 'automatically invoked' when a matching task is detected, but it does not define matching criteria, consent requirements, or trust boundaries. In a document-extraction skill, that ambiguity can cause an agent to send document contents to a remote service without clear user awareness or approval, increasing the risk of unintended data disclosure.

Missing User Warnings

Medium
Confidence: 95%
Finding: The skill description and usage section do not clearly warn that submitted document contents are transmitted to a third-party remote endpoint. Because this skill processes text documents, users or calling agents may pass sensitive, regulated, or proprietary data, making the lack of an explicit disclosure materially dangerous.

VirusTotal

VirusTotal findings are pending for this skill version.