Back to skill

Security audit

夸克扫描王-OCR文字识别/文件扫描/转Office

Security checks across malware telemetry and agentic risk

Overview

This skill appears coherent and disclosed: it sends user-selected images to Quark Scan for OCR or image processing, so users should treat submitted documents and the API key as sensitive.

Install only if you are comfortable sending the selected images or URLs and your SCAN_WEBSERVICE_KEY to Quark Scan. Avoid using it on regulated, confidential, or personal documents unless authorized, protect and rotate the API key as needed, and clean up temporary output files after processing sensitive material.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README instructs users to configure an API key and use OCR/image-processing features, but it does not clearly disclose that uploaded images and documents are transmitted to an external cloud service. Because this skill handles potentially sensitive content such as ID cards, invoices, and other personal documents, the omission can cause users or downstream agents to send regulated or confidential data off-device without informed consent.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README instructs users to configure an API key and upload local images to a cloud OCR/image-processing service, but it does not clearly warn that images and credentials are sent to an external provider. In this skill context, users may process highly sensitive documents such as IDs, invoices, and handwritten records, so the omission can lead to uninformed disclosure of personal or regulated data.

Vague Triggers

High
Confidence
92% confidence
Finding
The skill description is intentionally expansive, stating that it should trigger even when the user does not explicitly name a specific function, as long as the request loosely involves image processing, text extraction, document conversion, enhancement, or ID-photo generation. This can cause over-triggering on ordinary image-related requests and route user data into a third-party networked service unnecessarily, increasing privacy exposure and the chance of actions the user did not clearly intend.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation explicitly states that the CLI loads a credential and sends user-provided inputs to an external service endpoint, but it does not warn users that sensitive images/documents and API secrets are involved in outbound transmission. In a skill centered on OCR, translation, ID-card processing, and document conversion, this omission can lead operators to unknowingly upload personal or confidential data to a third party.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The document describes that generated images/documents are written to system temporary directories or user-specified output paths, but it does not warn that processed user data may persist on local disk. For OCR, image enhancement, and document conversion workflows, these files may contain PII or confidential content and can be exposed to other local users, backups, or later processes if not cleaned up properly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.