test skill publish

Security checks across malware telemetry and agentic risk

Overview

This is a local PDF-processing skill with expected file read/write behavior, but users should be deliberate about processing sensitive or password-protected PDFs.

Install this only if you want a local helper for PDF work. Use copies for important documents, process sensitive PDFs only when necessary, decrypt or remove passwords only when you are authorized, avoid putting real passwords in shared logs or shell history, and delete generated images or JSON files if they contain private content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 86%
Finding
The trigger condition is very broad: 'If the user mentions a .pdf file or asks to produce one, use this skill.' That can cause the skill to activate for incidental PDF mentions and unnecessarily grant file-processing behaviors or bias the agent toward tool use when the user only wanted discussion, analysis, or a safer alternative.

Missing User Warnings

Medium
Confidence: 90%
Finding
The documentation includes password removal and decryption examples without any warning to verify authorization or handle protected content safely. In an agent setting, this normalizes bypass-oriented operations and could facilitate processing of sensitive or access-controlled documents without adequate consent checks.

VirusTotal

65/65 vendors flagged this skill as clean.
