Hong Kong, Macau and Taiwan Travel Permit Recognition and Extraction (ADP)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill appears to process highly sensitive identity documents through a remote ADP service, but its documentation is broader and less explicit about privacy, installation, and administrative risks than users should expect.

Review this carefully before installing. Use it only if you are comfortable sending Hong Kong/Macau permit images, identity fields, and document URLs to the ADP cloud service, and verify the provider’s retention, region, and compliance terms. Avoid running remote install scripts directly; prefer verified releases or inspect and pin the installer. Keep API keys out of logs and shared terminals, and do not grant administrative app-management access unless you specifically need those operations.

Publisher note

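This skill is an enterprise-grade application from Laiye Technology. It only invokes designated internal CLI commands, in a secure manner, to perform document parsing tasks; it sends no data out over the network, performs no unauthorized file access, and has no other risky behavior.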

SkillSpector (10)

By NVIDIA

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The README for a narrowly described Hong Kong/Macau permit extraction skill instead documents a broad, general-purpose ADP CLI with parsing, extraction, batch processing, and app-management features. This scope mismatch can mislead agents or users into invoking capabilities far beyond the declared skill boundary, increasing the chance of unintended data handling and privilege expansion.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
Documenting custom app creation, update, deletion, and AI field generation in an ID-permit extraction skill exposes administrative and potentially destructive functionality unrelated to the stated purpose. In an agent context, this broadens the action surface from passive extraction into state-changing operations that could alter or remove applications or create new workflows without clear authorization boundaries.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The README presents a broad, general-purpose ADP document-processing CLI, while the skill metadata claims a narrowly scoped Hong Kong/Macau permit recognition tool. This scope mismatch can mislead agents or users into invoking parsing and extraction capabilities on arbitrary documents, expanding the effective permissions and data exposure surface beyond what the skill advertises.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The documentation explicitly advertises remote URL processing, batch parsing, and general extraction workflows that exceed the stated permit-recognition purpose. In an agent setting, this can cause over-collection or unauthorized processing of unrelated documents because the skill appears more specialized and constrained than it actually is.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README promotes parsing and extracting local files and remote URLs through a cloud document-processing service but does not clearly warn that sensitive identity documents may be uploaded off-host. Given this skill targets Hong Kong/Macau permit data, the missing privacy and data-transfer warning is especially risky because users may process highly sensitive PII without informed consent or proper compliance review.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The installation instructions include pipe-to-shell and pipe-to-PowerShell one-liners without any integrity verification, pinning, or warning about the risks of executing remote scripts. This can lead users or agents to run arbitrary code fetched at install time if the source, network path, or upstream repository is compromised.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README instructs users to configure an API key and process local files or remote URLs, but does not clearly warn that document contents, URLs, and extracted fields are transmitted to a public cloud service. Because this skill targets identity documents, the omitted disclosure increases privacy and compliance risk around sensitive personal data handling.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The installation instructions recommend piping remotely fetched shell and PowerShell scripts directly into interpreters without verification or caution. This creates a supply-chain execution risk: if the upstream source, network path, or repository is compromised, arbitrary code will execute immediately on the host.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to upload Hong Kong/Macau permit images and extract identity fields through a remote third-party ADP service, but it does not prominently warn that highly sensitive personal data will leave the local environment. This creates a meaningful privacy and compliance risk because users may unknowingly transmit regulated identity documents and machine-readable codes to an external processor.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The authentication setup tells users to configure an API key but does not clearly warn against exposing credentials in logs, shell history, screenshots, shared terminals, or agent outputs. This omission can lead to credential leakage and unauthorized use of the ADP account, especially in automated or multi-user environments.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.
