Watermark Remover

Security checks across malware telemetry and agentic risk

Overview

This skill locally detects and removes watermarks from PDFs, with disclosed preview/output file creation and no evidence of hidden sharing or persistence.

Use this only on PDFs you are authorized to modify. Review where preview images and output PDFs will be written, keep originals backed up, and approve dependency installation only in a trusted Python environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 91% confidence
Finding: The detection script writes extracted image data from the PDF to disk during a supposed analysis step, which creates side effects beyond simple watermark detection. In this skill context, that can leak potentially sensitive embedded PDF content into the filesystem without an explicit user confirmation step, and repeated use may leave residual files in shared or temporary directories.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger phrases are broader than the documented PDF-only scope and include generic requests to remove watermarks from 'files'. In an agent setting, this can cause the skill to activate for unsupported formats, leading to incorrect handling, unsafe script invocation assumptions, or unintended modification attempts on non-PDF inputs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal