Back to skill

Security audit

Llamaparse

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed LlamaParse cloud-document parser that uploads user-selected documents for parsing and saves returned results locally.

Install only if you are comfortable sending chosen documents to LlamaCloud for processing. Use a revocable API key, avoid broad folders for batch jobs, do not upload regulated or confidential files unless external processing is approved, and consider pinning the llama-cloud package version for reproducible installs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill performs sensitive actions—reading an API key from the environment, uploading user documents to an external cloud service, and writing files such as downloaded screenshots—yet it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: an agent or user may invoke the skill without clear awareness that local files and document contents will be transmitted off-box and that files may be written locally.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The examples instruct users to upload local documents to a third-party cloud parsing service but do not clearly warn that document contents leave the local environment. In a document-processing skill, users may reasonably provide sensitive PDFs, scans, spreadsheets, or images, so omission of a data-transmission/privacy notice can lead to inadvertent disclosure of confidential data.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This script sends user-selected local documents to the LlamaCloud remote service for parsing, but it provides no explicit warning, consent prompt, or safety guard about network transmission of potentially sensitive file contents. In a document-processing skill, this is especially relevant because users may batch-process confidential PDFs, scans, spreadsheets, or internal documents and may not realize the data leaves the local machine.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script uploads the user-supplied document to LlamaCloud for parsing, but the CLI flow does not provide an explicit warning or consent step that file contents will be transmitted to a third-party remote service. This is dangerous because users may inadvertently send sensitive or regulated documents off-host, creating confidentiality, compliance, and data-handling risks in contexts where local processing was assumed.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.