Back to skill

Security audit

Pdf Field Extractor

Security checks across malware telemetry and agentic risk

Overview

This PDF extraction skill does what it claims, but it can send sensitive document text such as IDs, contracts, invoices, and bank statements to an external AI API without strong privacy warnings or consent controls.

Review before installing. Use only with documents you are allowed to send to the configured AI provider, prefer a scoped API key, avoid IDs/bank statements/contracts unless approved, and ask the publisher for prominent privacy disclosure, redaction controls, and a local-only option.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill processes sensitive PDFs such as invoices, contracts, bank statements, licenses, and IDs, then sends extracted text to an external AI API for field extraction without a prominent user-facing warning. This creates a real privacy and compliance risk because users may unknowingly transmit personal, financial, or contractual data to third-party model providers.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The function sends raw document text to a third-party AI API, which can expose sensitive contents such as invoices, contracts, IDs, or bank statements to an external processor. In this skill context, the documents handled are explicitly high-sensitivity business and personal records, so undisclosed transmission materially increases privacy, compliance, and data-governance risk.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.