Nano Pdf
Security checks across malware telemetry and agentic risk
Overview
This is a narrow PDF-editing skill that installs and invokes a third-party nano-pdf CLI, with no hidden scripts or persistence in the skill artifact.
Install only if you trust the nano-pdf PyPI package and its AI service dependencies. Use it on PDFs you are comfortable processing through that tool, keep backups of important documents, and review edited PDFs before sharing them.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.