Pdfreader

Security checks across malware telemetry and agentic risk

Overview

This is a small local PDF text extractor with no evidence of hidden network access, credential use, or autonomous behavior.

Install PyMuPDF from a trusted source, run the script from a controlled working directory, and remember that generated JSON contains the extracted contents of the PDF. Avoid using symlinks or relying on the current-directory check as a strong sandbox.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 94% confidence
Finding: The documentation states that file access is restricted to the current working directory and forbids path traversal, but the usage examples show arbitrary relative paths like "path/to/file.pdf". This mismatch can mislead users and downstream agents into believing stronger path restrictions exist than are actually demonstrated, increasing the risk of reading unintended local files if the implementation follows the examples rather than the stated policy.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal