Ielts Extractor

Security checks across malware telemetry and agentic risk

Overview

This is a local IELTS PDF extraction helper with expected file-output guidance and no evidence of hidden network, credential, persistence, or destructive behavior.

Before installing, use it only on PDFs you are allowed to process, confirm where JSON/images will be written, and review generated files before committing or publishing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill directs the agent to save extracted content into repository paths, which can cause file modifications without explicit user confirmation or clear write-scope controls. In an agent environment, implicit write instructions are risky because they can overwrite tracked data, introduce unwanted changes, or be abused to persist large copyrighted material into the workspace.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal