Office Document Assistant
Security checks across malware telemetry and agentic risk
Overview
This skill does what it says: it locally extracts text from user-selected office documents, with privacy caution because extracted text may appear in outputs or logs.
Install this only if you are comfortable letting the agent read the specific documents you point it at. Avoid highly confidential legal, financial, HR, medical, or identity documents unless necessary, because extracted text can appear in chat output, command output, logs, or orchestration traces. Keep local document parsing and OCR tools updated and process only files you trust.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.