nutrient-document-processing
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Tags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- Data Exfiltration (MEDIUM): The skill transmits local file content to 'https://api.nutrient.io/build' for processing. Although this is the primary function of the skill, it involves uploading potentially sensitive user data to a non-whitelisted external domain.
- Remote Code Execution (MEDIUM): The MCP server setup instructions use 'npx -y @nutrient-sdk/dws-mcp-server', which downloads and executes an external package from the npm registry. The '@nutrient-sdk' organization is not on the trusted whitelist, representing an unverifiable dependency risk.
- Indirect Prompt Injection (LOW): The skill ingests untrusted data from documents (PDFs, DOCX, etc.) and provides text extraction capabilities. Without explicit sanitization or boundary markers, the agent may inadvertently follow malicious instructions embedded within the processed documents (Evidence: Ingestion: local files; Boundary markers: Absent; Capabilities: File upload/download via curl; Sanitization: Absent).
- Command Execution (LOW): The skill relies on shell-based execution for 'curl' and 'npx' operations.
Audit Metadata