pdf

Security checks across malware telemetry and agentic risk

Overview

This is a local PDF-processing skill whose risky examples are visible and purpose-aligned, but users should handle protected or original documents carefully.

Install only if you are comfortable with a local PDF toolkit reading and writing your documents. Use password-removal only on PDFs you are authorized to unlock, store decrypted copies carefully, and make backups before running any in-place repair or overwrite command.

SkillSpector

By NVIDIA

Vulnerability Patterns

Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The guide includes commands for decrypting PDFs and repeatedly writing output files, but it provides no warning about sensitive-document handling, password exposure on the command line, or overwriting/declassifying protected content. In an agent skill, that omission can lead users or downstream agents to process confidential PDFs unsafely, leave secrets in shell history, or create unprotected copies of restricted files.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The example uses `qpdf --replace-input corrupted.pdf`, which modifies the original file in place after a check step, but the surrounding documentation does not clearly warn that the command is destructive. In an agent skill context, users or downstream agents may copy commands verbatim, causing irreversible alteration or loss of the only copy of a PDF during troubleshooting.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal