Docling

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a coherent document-conversion wrapper, with powerful Docling options documented but not shown as enabled automatically.

Installing the skill is reasonable for local Docling use. Before using it on private documents, avoid the remote-service and external-plugin flags unless you deliberately choose them, understand what data may leave the machine, and trust the plugin or service involved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The CLI reference documents `--enable-remote-services` but provides no warning that enabling it may transmit document contents or metadata to external systems. In a document-extraction skill, users may process sensitive PDFs, images, or internal files, so omission of this warning can lead to unintentional off-system data exposure and compliance/privacy issues.

Missing User Warnings

Medium
Confidence: 95%
Finding
The reference describes `--allow-external-plugins` without warning that third-party plugins execute untrusted code and may access local files, network resources, credentials, or parsed document contents. In this skill's context, plugin loading materially increases attack surface because the tool handles attacker-controlled documents and URLs, making unsafe extension use especially risky.

VirusTotal

66/66 vendors flagged this skill as clean.
