ade-mineru-api-skills

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent MinerU document-conversion helper, but users should know it installs a CLI from remote scripts and sends documents or URLs to the MinerU API for processing.

Before installing, inspect or otherwise verify the MinerU installer source if your environment requires supply-chain controls. Before using the skill, confirm which files or URLs will be processed, protect the MinerU token, and avoid uploading sensitive, regulated, proprietary, or internal-only documents unless MinerU's data-handling terms are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The document instructs contributors to run a shell-piped installer directly from a remote URL without any warning, signature verification, checksum validation, or review step. This is dangerous because any compromise of the hosting domain, CDN, TLS termination, or installer script would result in immediate arbitrary code execution on the user's machine.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill centers on extracting PDFs, images, DOCX files, and URLs via a remote API, which implies user-provided content may be transmitted off-host. Without an explicit privacy and data-transmission warning, an agent could upload sensitive internal documents, credentials embedded in files, or private URLs to a third-party service without informed user consent.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The installation instructions tell users to execute remotely fetched scripts directly with `curl | sh` and `irm | iex` without any verification step or warning. If the CDN, DNS, TLS trust chain, or upstream distribution is compromised, this becomes immediate arbitrary code execution on the user's machine.

VirusTotal

65/65 vendors flagged this skill as clean.
