Back to skill

Security audit

Pdf To Word

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow PDF-to-Word automation guide for Foxit on Windows, with no bundled executable code or evidence of hidden data access.

Install only if you are comfortable with desktop automation that sends keystrokes to Foxit and temporarily uses the clipboard. Run it when Foxit is expected to be the active window, avoid interacting with the machine during conversion, and be aware that the referenced PowerShell script is not included in this artifact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill relies on foreground keyboard automation and clipboard pasting to drive Foxit, but the documentation does not clearly warn that it will take over the active GUI and overwrite clipboard contents during execution. This can cause unintended input into the wrong window, accidental disclosure or corruption of clipboard data, and unpredictable behavior if the user switches focus mid-run.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.