ClawHub
Back to skill

Security audit

Easydoc Parse

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a coherent EasyDoc document parser, but it includes an under-scoped base URL override that can redirect uploaded documents and API keys to any host.

Install only if you are comfortable sending selected documents to EasyLink/EasyDoc cloud APIs. Avoid using it on medical, legal, financial, confidential, or regulated files unless your organization permits that upload. Do not use --base-url unless you fully trust the destination, because it can send both your document contents and API key outside the documented EasyDoc endpoints.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill declares required environment variables and executable tools, and it instructs the agent to read local files and submit them to external APIs, but it does not declare explicit permissions for file access, network access, or secret handling. This creates a permission-model mismatch where a host may under-enforce or fail to surface the real data-exfiltration and file-handling behavior to users.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The --base-url option allows an operator or upstream agent to redirect both the API key and full uploaded document contents to any arbitrary host, bypassing the skill's stated EasyDoc-only scope. In an agent setting, this materially increases exfiltration risk because a caller can silently turn a trusted document-parsing helper into a generic file-and-secret sender.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The reference explicitly demonstrates uploading documents, including an example named medical_record_001.pdf, to third-party cloud endpoints without a prominent warning that document contents leave the local environment and may contain sensitive or regulated data. In this skill context, the core function is external document parsing, so transmission is expected, but the lack of privacy and consent guidance creates a real risk of accidental disclosure rather than indicating malicious behavior.

External Transmission

Medium
Category
Data Exfiltration
Content
China platform:

```bash
curl -X POST "https://api.easylink-ai.com/v1/easydoc/parse" \
  -H "api-key: $EASYLINK_API_KEY" \
  -F "files=@document.pdf" \
  -F "mode=easydoc-parse-premium"
Confidence
83% confidence
Finding
https://api.easylink-ai.com/

External Transmission

Medium
Category
Data Exfiltration
Content
Global platform:

```bash
curl -X POST "https://api.easydoc.sh/api/v1/parse" \
  -H "api-key: $EASYDOC_API_KEY" \
  -F "file=@demo_document.pdf" \
  -F "mode=lite"
Confidence
83% confidence
Finding
https://api.easydoc.sh/

VirusTotal

54/54 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.