Back to skill

Security audit

夸克扫描王-OCR 文字识别/文件扫描/转 Office Alibaba-Quark-Scanking-All

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Quark Scan integration that uploads user-selected images or URLs for OCR, enhancement, conversion, or ID photo generation, with no artifact evidence of hidden or destructive behavior.

Install only if you are comfortable using Quark Scan as a third-party processor. Do not submit sensitive IDs, invoices, business documents, or regulated data unless you have authorization, and review the yescan package source/trust before allowing pip install or upgrade in a shared environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The skill mandates package installation, version enumeration, and upgrades from PyPI before performing the user-requested image/document task. This expands the skill’s authority from document processing into software supply-chain modification and network access, creating unnecessary risk if the package, index response, or upgrade path is compromised or if the user did not intend to alter the environment.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README describes OCR, image enhancement, and document conversion workflows but does not clearly warn users that uploaded images and documents are sent to an external service. Because these inputs commonly contain sensitive personal, financial, or business data, omission of this disclosure can cause users or downstream agents to transmit regulated or confidential content without informed consent.

Vague Triggers

High
Confidence
89% confidence
Finding
The activation text is extremely broad: it says the skill should trigger for essentially any image processing, text extraction, document conversion, image optimization, or ID photo generation request, even when the user does not name a specific capability. That can cause over-invocation of a networked third-party tool on sensitive user files or URLs without sufficiently tight scoping or per-capability confirmation.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The document explicitly describes uploading user-provided files or URLs to a remote service and loading credentials, but it does not warn that image/document contents may be transmitted off-device and processed by a third party. In a skill centered on OCR, document conversion, and image enhancement, this omission can cause accidental exposure of sensitive personal, financial, or identity data because users or integrators may assume processing is local.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.