Paperless-ngx

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Paperless-ngx helper skill, but it can access and change sensitive documents if given a powerful API token.

Install this only for a Paperless-ngx instance you intend the agent to manage. Use a dedicated, least-privilege API token where possible, avoid unnecessary downloads of sensitive files, and manually confirm any delete, bulk edit, or reprocess request before allowing the agent to run it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill documents destructive operations such as DELETE and bulk delete/reprocess without any guidance to require explicit user confirmation, preview affected items, or warn about irreversibility. In an agent setting, this increases the chance of accidental mass deletion or modification of documents from ambiguous or mistaken user prompts.

Missing User Warnings

Low

Confidence: 83% confidence
Finding: The skill includes upload and download flows for potentially sensitive documents but does not warn about privacy, data sensitivity, local file handling, or the need to avoid exposing document contents unnecessarily. This can lead to inadvertent disclosure of personal or confidential data when an agent transfers, stores, or summarizes documents.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal