Security audit

pdf

Security checks across malware telemetry and agentic risk

Overview

This skill is a local PDF-processing toolkit, and its file access and helper scripts match that purpose.

Install only if you are comfortable letting the agent process PDFs you explicitly choose and create local output files. Use it on documents you are authorized to access, be careful with output paths so important files are not overwritten, and review filled or decrypted PDFs before relying on them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill demonstrates file read/write behavior throughout its examples, but the metadata declares no permissions. In an agent environment, undeclared filesystem capabilities reduce transparency and can cause the skill to be invoked with broader access than users or policy expect, increasing the chance of unintended document access or modification.

Vague Triggers

Medium
Confidence: 78%
Finding: The activation condition is very broad: it suggests using this skill whenever the model needs to process, generate, analyze, or fill PDFs at scale. Overbroad routing increases the likelihood the skill is invoked automatically on sensitive PDFs, including confidential, regulated, or copyrighted files, without enough user confirmation or task scoping.

Missing User Warnings

Medium
Confidence: 89%
Finding: The guide includes a qpdf example for removing PDF passwords and decrypting protected documents without any warning, authorization check, or legitimate-use framing. In an agent setting, that normalizes bypassing document protections and could facilitate unauthorized access to confidential files if the model follows the example automatically.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.