Back to skill

Security audit

PDF to Image

Security checks across malware telemetry and agentic risk

Overview

This PDF conversion skill is a straightforward wrapper around a hosted pdfapihub.com API, but users should understand that submitted PDFs or PDF URLs leave their environment.

Install only if you are comfortable sending PDFs or PDF URLs, plus your API key, to pdfapihub.com. Avoid confidential, regulated, or internal documents unless you have reviewed and accepted the provider's data-handling, retention, and security terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The example shows that the skill sends the PDF source URL to a third-party API and receives externally hosted output URLs, which materially differs from a user expectation of local PDF-to-image conversion. This can cause unintended disclosure of document contents, metadata, or access patterns to an external service if users believe processing is local or self-contained.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The skill depends on an external API with API-key-authenticated remote processing even though the stated purpose reads like a straightforward file conversion utility. That mismatch increases the risk of unnecessary data exfiltration, third-party retention, and trust boundary violations, especially for sensitive PDFs that users may assume remain in the local agent environment.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to provide either a public PDF URL or the PDF file itself, but it does not clearly warn that this content will be transmitted to and processed by the third-party service pdfapihub.com. This can lead users to unknowingly send sensitive documents or internal URLs to an external processor, creating confidentiality and privacy risk.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The manifest explicitly sends user-supplied PDFs to an external service endpoint, but it provides no user-facing notice about third-party transmission, retention, or privacy risks. PDFs often contain sensitive business or personal data, so silently uploading them to a remote API can expose confidential information and create compliance issues even if the API is functioning as intended.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.