file-processor

Security checks across malware telemetry and agentic risk

Overview

This skill reads user-provided files locally to extract previews or OCR text, and the reviewed artifacts do not show hidden data theft, persistence, or destructive behavior.

Install dependencies from trusted package sources, preferably in a virtual environment. Use this skill only on files you intend the agent to read, because extracted text, tables, or OCR output may appear in chat or logs; avoid secrets, regulated data, or confidential documents unless that is acceptable.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The skill states users can 'directly send files' and that the system will automatically process them by format, but it does not define trigger boundaries, file-type exclusions beyond examples, or safety checks before parsing. Broad automatic invocation increases the chance of unintended processing of sensitive, unsupported, or risky files and can lead to privacy issues or unsafe downstream handling.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The description says the skill automatically recognizes and processes user-sent files, but it does not warn users that uploaded content will be read, parsed, and potentially OCR-processed or summarized. Without clear notice, users may unknowingly expose sensitive document contents, creating a privacy and consent risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal