Document Skill

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only document-processing skill with broad wording, but it contains no executable code, install steps, credential use, persistence, or hidden data flows.

Install this only if you want the agent to help read, extract, and summarize documents. Treat any private, encrypted, or business-sensitive documents as data you are intentionally providing to the agent, and be aware that the broad Chinese trigger wording may invoke the skill for general document-analysis requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill description is extremely broad and claims to handle many common document-analysis tasks, which can cause over-triggering on routine user requests. In an agent environment, this increases the chance the wrong skill is invoked, leading to unintended access to user-provided documents or unnecessary processing of sensitive content.

Natural-Language Policy Violations

Medium

Confidence: 81% confidence
Finding: The skill description is written to operate in Chinese without indicating user choice, fallback behavior, or justification. This can cause mismatches between user intent and skill behavior, increasing the risk of incorrect processing, misunderstood outputs, or accidental disclosure if translated or summarized content is handled in an unexpected language.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal