Back to skill

Security audit

Paperless-ngx Document Manager

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Paperless-ngx document-management skill that uses the configured Paperless token for expected document and metadata operations.

Install only if you are comfortable giving the agent the same Paperless-ngx access as the configured token. Prefer a limited Paperless account or token where possible, and confirm uploads, metadata creation, bulk edits, deletes, and download paths before running advanced operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The script exposes a state-changing capability to create correspondents even though the declared skill scope only mentions searching, uploading, tagging, and retrieving documents. This kind of scope drift is dangerous because an agent or user relying on the manifest may grant trust or permissions under incomplete assumptions, enabling unintended modification of Paperless-ngx metadata.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.