paperless-ngx-tools

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Paperless-ngx integration, but it can access and modify your document archive when you run its commands.

Install this only if you are comfortable letting an agent use your Paperless-ngx token to read documents, upload files, and create metadata. Use a least-privilege Paperless account if possible, prefer HTTPS for remote instances, explicitly approve any advanced API update/delete/bulk operation, and pass a safe --output path when downloading files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
The script supports creating new document types via the `--create` flag, which goes beyond the declared skill scope of only searching, uploading, tagging, and retrieving documents. This is dangerous because it expands the agent's effective write capabilities in the Paperless-ngx instance, enabling unauthorized taxonomy changes and violating least-privilege expectations users may rely on when granting access.

VirusTotal

64/64 vendors flagged this skill as clean.
