Nano Pdf Cn
Security checks across malware telemetry and agentic risk
Overview
This skill is for PDF editing, but it does not clearly warn that the installed tool sends PDF page content and prompts to Gemini and may use Google Search by default.
Review this before installing if you work with confidential, regulated, client, or business-sensitive PDFs. Install only if you are comfortable with nano-pdf sending PDF page content, prompts, and possibly broader document context to Gemini; consider disabling Google Search and context features where possible, and use copies of files.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.