Back to skill

Security audit

Extract Formulas From Pdf

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward MinerU PDF formula-extraction helper, but users should understand documents may be processed by an external service.

Install only if you trust the MinerU CLI source and are comfortable using a MinerU token. Do not process confidential, regulated, or proprietary PDFs or URLs unless your organization permits MinerU service processing and you have reviewed its data-handling terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill is scoped as local PDF formula extraction, but the documentation expands its effective behavior to support URLs and references the broader authenticated `crawl` workflow. That mismatch can cause users or downstream agents to fetch and transmit remote content to an external service without realizing the skill has network/data-exfiltration behavior beyond local document processing.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
Advertising URL operation for a skill whose stated purpose is PDF formula extraction introduces hidden capability expansion. In an agent setting, this can lead to unexpected remote fetching, SSRF-like misuse, or transmission of third-party/internal document data through the external MinerU service under the guise of a simple local extraction task.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation fails to warn that extraction may operate on URLs and that processing requires authentication to an external service, which implies document contents may leave the local environment. This creates a meaningful data handling and privacy risk because users may submit sensitive PDFs or remote documents without informed consent about third-party transmission.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.