Security audit
PDF to Text
Security checks across malware telemetry and agentic risk
Overview
This skill does what it says: it uses the MinerU CLI/API to extract text from PDFs, with ordinary privacy and package-install considerations.
Before installing, review the mineru-open-api package and avoid processing confidential PDFs unless you are comfortable with MinerU handling them. Prefer stdout when you do not need saved files, and delete output folders that contain sensitive extracted text.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
