Back to skill

Security audit

pdf-processing

Security checks across malware telemetry and agentic risk

Overview

This is a simple PDF helper skill with disclosed PDF operations and no evidence of hidden execution, persistence, credential access, or data exfiltration.

Install only if you want an agent to help with PDF processing. For sensitive PDFs, specify the exact files and operation, keep originals, and confirm output paths before form filling or merging.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The activation guidance is extremely broad: '当需要对 PDF 文件进行操作时使用此技能' can cause the skill to trigger for almost any PDF-related request, including cases where the user did not explicitly ask for file modification or where safer read-only handling would be preferable. Over-broad activation increases the chance of unintended file access, modification, or use in contexts outside the skill's narrowly intended purpose.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill description advertises form filling and document merging without warning that these operations modify files or produce new output artifacts. Users or downstream agents may assume the skill is read-only, which can lead to accidental overwrites, unintended data propagation across documents, or processing of sensitive PDFs without adequate caution.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.