Skill PDF Orgnizer

Security checks across malware telemetry and agentic risk

Overview

This PDF organizer behaves consistently with its stated purpose, but users should understand that it sends extracted PDF text to a configured AI provider and can rename or move local files.

Install only if you are comfortable sending portions of your PDFs and metadata to the configured AI provider. Avoid confidential, regulated, or proprietary PDFs unless your provider agreement permits that use, keep config.json private because it can hold an API key, and use --dry-run or backups before allowing the tool to move and rename important files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The module and class documentation states the code analyzes PDF content with OpenAI or Kimi, but it does not clearly disclose that extracted PDF text and metadata are transmitted to third-party services for processing. This can mislead integrators into sending sensitive document contents off-host without adequate notice, consent, or policy review, creating privacy, compliance, and data-governance risk.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The organizer initializes an API-backed content analyzer using an external provider, which implies PDF-derived content and metadata may be transmitted off-host. Because the description does not disclose this data flow, users may unknowingly send sensitive document contents to a third party, creating confidentiality and compliance risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README explains that the tool extracts PDF text and uses OpenAI for analysis, but it does not clearly warn users that document contents are transmitted to an external third-party service for processing. This can lead users to unknowingly upload sensitive or regulated information, creating privacy, confidentiality, and compliance risks.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly states it uses OpenAI/Kimi APIs to analyze PDF contents, but it does not clearly warn users that document text may be transmitted to third-party external services. This creates a real privacy and data-handling risk because users may process sensitive PDFs under the assumption analysis happens locally, exposing confidential, regulated, or proprietary content to external providers.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill description advertises AI-powered PDF analysis via OpenAI/Kimi but does not clearly warn users that document contents may be transmitted to third-party APIs. This can cause users to expose sensitive or confidential PDF data without informed consent, especially because the feature is framed as routine organization rather than external data sharing.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
This code sends document metadata and up to 3000 characters of document content to an external LLM API for classification without any built-in warning, consent flow, redaction, or policy gate. If users process confidential PDFs, sensitive data may be disclosed to third parties unexpectedly, which is especially risky in enterprise, legal, medical, or research contexts.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The processing path reads PDF text and immediately submits it for AI analysis without any user-facing warning at runtime. If PDFs contain confidential, regulated, or proprietary information, this can leak sensitive data to an external service and expose users to privacy, legal, or contractual violations.

VirusTotal

64/64 vendors flagged this skill as clean.
