Doc Translate

Security checks across malware telemetry and agentic risk

Overview

This appears to be a document-translation helper whose file handling and conversion steps fit its purpose, but users should treat translated documents as sensitive data.

Install only if you are comfortable letting the agent process the documents you explicitly choose for translation. Avoid regulated or highly confidential files unless you have confirmed the storage location, cleanup behavior, conversion tools, and any upload or sharing destination.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 84%
Finding
The skill advertises executable shell-based workflows and external script invocation, but no permissions are declared. That creates a transparency and policy-enforcement gap: a caller or platform may treat the skill as low-risk while it can actually execute local commands, unpack files, and invoke external tooling such as Python or split/soffice-style utilities.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 90%
Finding
The documented behavior materially overstates what the skill can safely and reliably do, especially around arbitrary-language support, PDF fidelity, and format preservation. Security-relevant mismatches matter because users may entrust sensitive documents under false assumptions, and hidden external conversion steps increase attack surface and data-handling risk.

Vague Triggers

Medium
Confidence: 78%
Finding
Broad trigger phrases such as the generic 'translate document' can cause the skill to activate for requests beyond its intended scope, increasing the chance of accidental processing of unrelated or sensitive files. In a file-handling skill, overbroad invocation is more dangerous because activation can lead to downloading, parsing, rewriting, and sending documents without precise user intent.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill describes downloading attachments, saving them locally, and re-sending or uploading transformed files, but it provides no explicit disclosure or consent flow for data handling. Because office documents often contain sensitive business or personal information, undisclosed local storage and onward transmission materially increase privacy, compliance, and accidental exfiltration risk.

VirusTotal

67/67 vendors flagged this skill as clean.