jpocr

Security checks across malware telemetry and agentic risk

Overview

This appears to be a purpose-aligned local OCR skill, with a reported wrapper-script quoting concern but no artifact-backed evidence of deception, exfiltration, persistence, or destructive behavior.

Install if you want a local OCR helper for Japanese documents and are comfortable processing the files you provide to it. Prefer trusted file paths, avoid passing attacker-controlled filenames or shell-like input, and look for an update that quotes shell arguments or otherwise hardens the wrapper script.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The manifest description includes broad trigger language such as requests to "extract text from Japanese documents, screenshots, or scanned pages" and also says it "works for English," which can cause the skill to activate for generic OCR requests beyond narrowly scoped Japanese OCR use cases. Over-broad activation can route unrelated user content into this skill unexpectedly, increasing the chance of unintended file/image processing and incorrect tool selection in multi-skill environments.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal