doc-merge-check11

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal document-processing skill, with a caution that generated output files and formatting changes should be handled carefully.

Install only if you need .docx merge or formatting help. Use a new output filename or backup important documents first, because formatting tools may change layout and an existing output file could be replaced.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill instructs users to merge and reformat .docx files but does not warn that output files may overwrite existing documents or that formatting operations can alter document structure and presentation. In a document-processing workflow, this omission can lead to accidental data loss or unintended modification of original content, especially if users assume the operation is non-destructive.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal