ClawHub

pdf_ssssssss

Security checks across malware telemetry and agentic risk

Overview

This is a broad local PDF-processing skill that needs careful use, but its behavior is coherent with its purpose and shows no hidden, networked, persistent, or deceptive actions.

Install only if you want local PDF tooling. Use it on PDFs you are authorized to access, review input and output paths before running commands, prefer writing repaired or decrypted files to new filenames, and delete temporary images or JSON files when working with sensitive documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill demonstrates file read and file write behavior throughout the guide, but the metadata does not declare any corresponding permissions. In an agent environment, this creates a transparency and policy-enforcement gap: the skill can encourage filesystem access without making that capability explicit, which increases the chance of overbroad or unintended access to local documents.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation text says to use this skill whenever the user wants 'anything with PDF files' or even merely mentions a .pdf file. That trigger is overly broad and can cause inappropriate invocation on ordinary conversational requests involving PDFs, unnecessarily exposing file-processing capabilities and increasing the chance the agent accesses or transforms documents when a lighter-weight response would suffice.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The guide includes instructions for decrypting password-protected PDFs and removing protection, but it does not warn that such actions should only be performed with authorization from the document owner or user. In a general-purpose agent skill, that omission normalizes bypassing protections and may facilitate handling sensitive or restricted documents without adequate consent checks.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The reference includes explicit PDF decryption/password-removal commands and example passwords without any surrounding warning about authorization, secret handling, or legal constraints. In a PDF-processing skill, this can normalize or enable misuse against protected documents and may lead agents to expose or mishandle passwords in logs, prompts, or output.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The troubleshooting section recommends an in-place repair command that can overwrite the original PDF without warning the user that the source file may be modified. In an agent context, this increases the risk of destructive file operations, accidental data loss, and inability to recover from a failed or incorrect repair attempt.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal