Back to skill

Security audit

Document Pro

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward document-processing skill that reads user-provided documents and shows no hidden sharing, persistence, or destructive behavior.

Install this only if you want the agent to read and summarize documents you provide or explicitly identify. Avoid using it on confidential, regulated, or secret material unless you are comfortable with the agent processing that content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The top-level description is broad enough to activate on many ordinary document-related requests without clear guardrails, which can cause the skill to read, parse, or transform user files when the user did not explicitly intend that behavior. In a document-processing skill, ambiguous activation increases the chance of unnecessary file access and unexpected handling of potentially sensitive documents.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The listed trigger scenarios are vague and lack exclusion conditions, so the skill may activate for general conversation about documents rather than only for explicit document-processing tasks. This can lead to over-collection or unnecessary parsing of uploaded content, which is risky because documents often contain confidential or regulated information.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill description does not warn users that using the skill may involve reading, extracting, converting, or otherwise transforming uploaded files. Without that notice, users may unknowingly expose sensitive content or metadata to processing steps they did not expect.

Natural-Language Policy Violations

Medium
Confidence
81% confidence
Finding
Mandating Chinese output regardless of user preference can cause misunderstandings, mistranslation of sensitive document content, or incorrect interpretation of extracted material. In a document-analysis context, forced locale behavior can degrade accuracy and user control, especially for legal, financial, or technical documents.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.