PDF Sanitizer

Security checks across malware telemetry and agentic risk

Overview

This PDF sanitizer is purpose-aligned and local-only, but users should handle its reports carefully because they may contain sensitive snippets and location metadata.

Before installing, confirm that your workflow is acceptable with JSON reports that may include truncated PII and exact page locations. Store reports with the same protections as the original PDFs, and prefer masked or category-only reporting for highly sensitive documents.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 92% confidence
Finding: The implementation detects additional data types—email addresses, passport numbers, and IPv4 addresses—that are not disclosed in the skill metadata. This creates a transparency and consent gap: operators or users may provide documents believing only IDs, phones, addresses, and bank cards are inspected, while the tool actually extracts more categories of potentially sensitive data.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The workflow states that the generated JSON report includes a truncated original snippet together with page number, bounding box, category, and mode applied. Even truncated snippets and precise location metadata can leak sensitive information or facilitate reconstruction of redacted content, especially when reports are shared, logged, or stored less securely than the sanitized PDF.

VirusTotal

51/51 vendors flagged this skill as clean.

View on VirusTotal