ClawHub

my

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This PDF finance parser does what it claims, but it can send sensitive document pages to external vision-model providers without a clear consent gate or privacy warning.

Install only if you are comfortable sending the pages you parse to the configured VLM provider, or configure a local provider such as Ollama for sensitive documents. Avoid using it on confidential, regulated, customer, legal, or non-public financial PDFs until the skill adds explicit remote-upload consent, clearer provider/data-retention disclosure, and tighter permission metadata.

SkillSpector (5)

By NVIDIA

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill explicitly instructs the agent to create a virtual environment, read input PDFs/images, read environment variables such as ARK_API_KEY or OPENAI_API_KEY, and write parsed outputs to disk, but it does not declare corresponding permissions. This creates a trust and sandboxing gap: users and platforms may underestimate what the skill can access or modify, increasing the chance of unintended file exposure or execution in a broader-than-expected context.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill sends document pages to an external multimodal model endpoint for processing, including potentially sensitive financial reports, contracts, or scanned documents, but the user-facing description does not clearly warn that document contents leave the local environment. In this context, the omission is significant because the handled documents may contain confidential financial, legal, or personal data, so users may unknowingly exfiltrate sensitive content to third-party services.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The code can send the input PDF to an external VLM service via `extract_tables_via_vlm(args.input, pn, cfg)` when `--force_vlm` is used or when scanned pages trigger fallback, but the call site provides no explicit consent prompt, sensitivity check, or prominent warning. In a finance PDF parser, inputs commonly contain confidential financial, legal, or personal information, so silent external transmission creates a real data exfiltration and compliance risk even if it is intended functionality.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This code sends rendered PDF page images to a remote vision model API, which can expose sensitive financial document contents to a third-party service. In a finance document parser, pages may contain confidential or regulated data, so doing this without an explicit consent gate, privacy notice, or provider allowlist creates a real data-exfiltration risk rather than a purely informational issue.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation explicitly routes document images and prompt text to third-party or externally hosted VLM endpoints, including cloud providers by default, but does not clearly warn users that potentially sensitive financial PDFs will be transmitted off-box. In this skill's context, the inputs are likely to contain non-public financial, corporate, or regulated information, so silent external disclosure creates a real confidentiality and compliance risk even if the behavior is intended.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal