ClawHub

PDF to Text

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward cloud PDF-to-text converter, but users should understand that PDFs and results are handled by pdfapihub.com.

Install only if you are comfortable sending PDF files, PDF URLs, and resulting extracted text through pdfapihub.com. Avoid confidential, regulated, or highly sensitive PDFs unless you have reviewed that provider's privacy, retention, CDN hosting, and access-control practices, and keep the API key protected.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The skill description implies simple PDF-to-text extraction, but the example actually uploads or references a document to an external third-party conversion API and returns a hosted output URL. This creates a material privacy and data-handling mismatch: users may assume local processing while documents and extracted text are transmitted to, and stored by, another service.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The example performs network-based document transmission to an external API, which can expose sensitive document contents, metadata, and extracted text to a third party. Even if this is functionally necessary for SaaS conversion, the lack of explicit justification, safeguards, or minimization makes it a genuine data exposure risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs users to send either a PDF URL or file content and an API key to pdfapihub.com, but it does not clearly warn that document contents and credentials are transmitted to an external third-party service. This creates a real data-handling and privacy risk because users may submit sensitive PDFs without informed consent about where the data is going.

Natural-Language Policy Violations

Low
Confidence
72% confidence
Finding
The example hard-codes a specific external API endpoint without disclosing privacy, residency, or provider-selection implications. While not inherently malicious, this can lock users into an undisclosed third-party processor and obscure where potentially sensitive documents are handled.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The manifest sends either a public PDF URL or base64-encoded PDF content to a third-party service, which can expose sensitive document contents outside the local trust boundary. There is no user-facing warning, privacy notice, or indication of retention/handling limits, so users may unknowingly transmit confidential files to an external processor.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal