Back to skill

Security audit

PDF Batch Processing Tool

Security checks across malware telemetry and agentic risk

Overview

This is a local PDF utility whose file access and dependencies fit its stated purpose, though users should treat untrusted PDFs carefully and note that some advertised features are not implemented.

Install only if you need local merge, split, rotate, or text-extraction workflows. Use an isolated Python environment, pin current patched dependency versions if possible, and avoid processing PDFs from untrusted sources without sandboxing or resource limits. Do not rely on the advertised image extraction or compression features unless the publisher adds matching scripts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill describes reading and writing local files but does not declare any permissions, which creates a transparency and policy-enforcement gap. In an agent environment, undeclared file access can lead to processing unintended files, overwriting outputs, or bypassing user expectations about what the skill is allowed to touch.

Unpinned Dependencies

Low
Category
Supply Chain
Content
pypdf>=3.0.0
Pillow>=10.0.0
Confidence
95% confidence
Finding
pypdf>=3.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
pypdf>=3.0.0
Pillow>=10.0.0
Confidence
98% confidence
Finding
Pillow>=10.0.0

Known Vulnerable Dependency: pypdf — 10 advisory(ies): CVE-2026-24688 (pypdf has possible Infinite Loop when processing outlines/bookmarks); CVE-2026-27628 (pypdf has a possible infinite loop when loading circular /Prev entries in cross-); CVE-2026-40260 (pypdf: Manipulated XMP metadata entity declarations can exhaust RAM) +7 more

Low
Category
Supply Chain
Confidence
87% confidence
Finding
pypdf

Known Vulnerable Dependency: Pillow — 10 advisory(ies): CVE-2016-2533 (Pillow buffer overflow in ImagingPcdDecode); CVE-2023-50447 (Arbitrary Code Execution in Pillow); CVE-2021-27922 (Pillow Uncontrolled Resource Consumption) +7 more

Critical
Category
Supply Chain
Confidence
97% confidence
Finding
Pillow

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.