夸克扫描王 (Quark Scanner) Convert to Office - yescan transoffice universal

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Quark OCR conversion tool that uploads user-selected images for processing and saves returned documents locally.

Install only if you are comfortable sending the selected image or image URL to Quark's scanning service. Keep SCAN_WEBSERVICE_KEY scoped and private, avoid sensitive documents unless Quark's terms are acceptable for your use case, and delete generated files from the temp directory after use if they contain private data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding:
The skill declares no explicit permissions while its instructions and metadata clearly require environment-variable access and outbound network communication to a third-party OCR service. This creates a transparency and consent problem: operators may underestimate the skill's ability to exfiltrate user-provided content and secrets to external systems.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 95%
Finding:
The documented purpose presents a narrow image-to-Office/PDF conversion skill, but the described behavior extends to remote URL fetching, raw base64 ingestion, broader OCR/document-processing scenarios, and transmission of content to an external service. This mismatch is dangerous because it obscures the real attack surface and data flows, increasing the risk of SSRF-like abuse via URL inputs, sensitive-document exposure, and unexpected processing of high-risk document types.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
This client sends user-supplied local file contents, base64 payloads, or remote URLs to an external OCR API, which can expose sensitive document data to a third party if users or operators are not explicitly informed. In a document-conversion/OCR skill, this data flow is expected functionally, but it still creates a real privacy and data-handling risk because scanned documents commonly contain PII, contracts, IDs, or financial information.

VirusTotal

65/65 vendors flagged this skill as clean.