ClawHub

Api2Pdf

Security checks across malware telemetry and agentic risk

Overview

This is a document-conversion skill for Api2Pdf via Membrane, with normal privacy and account-access cautions but no hidden or malicious behavior found.

Install only if you intend to use Api2Pdf through Membrane. Verify the Membrane CLI package before global installation, use the intended Api2Pdf account, avoid sending confidential or regulated documents unless approved, and require explicit confirmation before deleting generated files or using raw proxy requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
87% confidence
Finding
The manifest markets the skill as generally managing 'data, records, and workflows,' but the actual capability set is document transformation plus a generic authenticated proxy to Api2pdf. That mismatch can cause an orchestrating agent or user to invoke the skill in broader situations than intended, increasing the chance that sensitive URLs, HTML, or files are sent to a third-party conversion service without clear user understanding.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation guidance is overly broad, encouraging use whenever a user wants to interact with 'Api2pdf data' rather than when they specifically want document conversion or related PDF operations. In agentic environments, vague triggers increase the probability of unnecessary tool activation and accidental external sharing of sensitive content.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill describes converting raw HTML, URLs, and files through external services but does not warn that supplied content may leave the local environment and be processed by Api2pdf via Membrane. This is dangerous because users or agents may unknowingly submit sensitive internal URLs, confidential documents, or personal data to a third-party processor.

Missing User Warnings

Low
Confidence
76% confidence
Finding
The documented 'Delete File' action is a destructive capability, yet the skill provides no warning that generated files can be permanently removed before the normal retention period. In an automated setting, this can lead to accidental loss of outputs or disruption of workflows that expect files to remain available.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal