Back to skill

Security audit

dianju-ofd-tools

Security checks across malware telemetry and agentic risk

Overview

This is a coherent document conversion skill, but users should treat files and API credentials as exposed to the configured conversion service.

Before installing, verify the dianju-ofd-tools npm package and the API endpoint operator. Do not process confidential PDFs or OFDs unless you trust the service, use a secured endpoint, and understand how uploaded files, generated temporary links, logs, and APP_KEY credentials are handled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill is presented as operating on local files, but the documented startup command requires APP_ID, APP_KEY, and an API_URL, indicating local documents are sent to an external service for conversion or extraction. This creates a real security and privacy risk because users may assume processing is local and unknowingly transmit sensitive document contents over the network, potentially to an insecure or misconfigured endpoint such as plain HTTP.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation instructs users to provide API credentials and an external API URL but never warns that local PDF/OFD contents may be transmitted to a remote conversion service. This omission is dangerous because users may process confidential files under the false impression that the tool is local-only, leading to unintended disclosure of sensitive data to third-party infrastructure.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.