Back to skill

Security audit

DeepRead OCR

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only OCR API integration that sends chosen documents to DeepRead, with no hidden execution or local persistence found.

Install only if you are comfortable sending selected documents to DeepRead and, if configured, to your webhook endpoint. Keep DEEPREAD_API_KEY out of files and chats, secure webhook receivers, and treat preview URLs as private bearer links because anyone with the link may be able to view document previews or extracted results.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (23)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This markdown file repeatedly instructs users to upload local documents to the DeepRead API and optionally send results to a webhook, which can transmit potentially sensitive document contents off-system. While the examples show how to call the service, the skill description does not clearly warn users that document files and OCR results are being sent to third-party endpoints.

Missing User Warnings

High
Confidence
97% confidence
Finding
The documentation states that preview URLs can be shared without authentication and shows a public preview endpoint with 'No authentication required'. Because this can expose original documents and extracted data to anyone possessing the link, the skill should prominently warn users about the confidentiality implications rather than presenting it as a standard feature only.

External Transmission

Medium
Category
Data Exfiltration
Content
**Option A: With Webhook (Recommended)**
```bash
# Upload PDF with webhook notification
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@document.pdf" \
  -F "webhook_url=https://your-app.com/webhooks/deepread"
Confidence
60% confidence
Finding
curl -X POST https://api.deepread.tech/v1/process \ -H "X-API-Key: $DEEPREAD_API_KEY" \ -F "file=@document.pdf" \ -F "webhook_url=https://your-app.com/webhooks/deepread" # Returns immediately {

External Transmission

Medium
Category
Data Exfiltration
Content
**Option A: With Webhook (Recommended)**
```bash
# Upload PDF with webhook notification
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@document.pdf" \
  -F "webhook_url=https://your-app.com/webhooks/deepread"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
**Option B: Poll for Results**
```bash
# Upload PDF without webhook
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@document.pdf"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
}

# Poll until completed
curl https://api.deepread.tech/v1/jobs/550e8400-e29b-41d4-a716-446655440000 \
  -H "X-API-Key: $DEEPREAD_API_KEY"
```
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# With webhook (recommended)
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@invoice.pdf" \
  -F "webhook_url=https://your-app.com/webhook"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
-F "webhook_url=https://your-app.com/webhook"

# OR poll for completion
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@invoice.pdf"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
-F "file=@invoice.pdf"

# Then poll
curl https://api.deepread.tech/v1/jobs/JOB_ID \
  -H "X-API-Key: $DEEPREAD_API_KEY"
```
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
Extract specific fields with confidence scoring:

```bash
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@invoice.pdf" \
  -F 'schema={
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
Extract arrays and nested objects:

```bash
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@invoice.pdf" \
  -F 'schema={
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
Get per-page OCR results with quality flags:

```bash
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@contract.pdf" \
  -F "include_pages=true"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# List your blueprints
curl https://api.deepread.tech/v1/blueprints \
  -H "X-API-Key: $DEEPREAD_API_KEY"

# Use blueprint instead of inline schema
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
-H "X-API-Key: $DEEPREAD_API_KEY"

# Use blueprint instead of inline schema
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@invoice.pdf" \
  -F "blueprint_id=660e8400-e29b-41d4-a716-446655440001"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Create a blueprint from training data
curl -X POST https://api.deepread.tech/v1/optimize \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
# Returns: {"job_id": "...", "blueprint_id": "...", "status": "pending"}

# Check optimization status
curl https://api.deepread.tech/v1/blueprints/jobs/JOB_ID \
  -H "X-API-Key: $DEEPREAD_API_KEY"

# Use blueprint (once completed)
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
-H "X-API-Key: $DEEPREAD_API_KEY"

# Use blueprint (once completed)
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@invoice.pdf" \
  -F "blueprint_id=BLUEPRINT_ID"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
Get notified when processing completes instead of polling:

```bash
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@invoice.pdf" \
  -F "webhook_url=https://your-app.com/webhooks/deepread"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Request preview URL
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@document.pdf" \
  -F "include_images=true"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
**Public Preview Endpoint:**
```bash
# No authentication required
curl https://api.deepread.tech/v1/preview/Xy9aB12
```

## Rate Limits & Pricing
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
**✅ Recommended: Webhook notifications**
```bash
curl -X POST https://api.deepread.tech/v1/process \
  -H "X-API-Key: $DEEPREAD_API_KEY" \
  -F "file=@document.pdf" \
  -F "webhook_url=https://your-app.com/webhook"
Confidence
50% confidence
Finding
https://api.deepread.tech/

External Transmission

Medium
Category
Data Exfiltration
Content
def wait_for_result(job_id, api_key):
    while True:
        response = requests.get(
            f"https://api.deepread.tech/v1/jobs/{job_id}",
            headers={"X-API-Key": api_key}
        )
        result = response.json()
Confidence
50% confidence
Finding
https://api.deepread.tech/

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- **`hil_flag: true`** = Uncertain extraction → Routed to human review

**How HIL works:**
1. Fields extracted with high confidence are auto-approved
2. Uncertain fields are flagged with `hil_flag: true` and a `reason`
3. Only flagged fields need human review (typically 5-10% of total fields)
4. Review flagged fields in **DeepRead Preview** (`preview.deepread.tech`) — a dedicated HIL review interface where reviewers can see the original document side-by-side with extracted data, correct flagged fields, and approve results
Confidence
85% confidence
Finding
auto-approve

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.