DocHub

Security checks across malware telemetry and agentic risk

Overview

DocHub is a legitimate local document conversion skill, but its init workflow can broadly move and recursively rename workspace folders without a dry run or precise user approval.

Install only if you will run it in a dedicated, backed-up folder containing documents intended for DocHub. Check the working directory carefully before init, avoid --yes unless you have already reviewed the files, and expect local folder moves, recursive renames, Markdown outputs, and a persistent local index.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 92%
Finding
The script performs recursive bulk renaming of files and directories directly on the target path with no dry-run mode, no confirmation prompt, no scope restrictions, and no rollback support. In an agent or automation context, a wrong path, symlinked content, or unexpected normalization collisions can irreversibly alter user data and break references, making this a real safety issue even if it is not traditionally malicious code execution.

VirusTotal

66/66 vendors flagged this skill as clean.
