analyzing-pdf-malware-with-pdfid

Warn

Audited by Socket on Apr 7, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The skill's purpose and capabilities are broadly aligned for PDF malware analysis, and its data flows stay local with no credential harvesting or exfiltration. However, the installation instructions are not fully trustworthy: they reference ambiguous/unofficial PyPI packages for core tooling, creating a notable supply-chain risk. This is best classified as a legitimate-but-high-risk security-analysis skill with medium/high install-trust concerns, not confirmed malware.

Confidence: 89%Severity: 76%
Audit Metadata
Analyzed At
Apr 7, 2026, 12:02 PM
Package URL
pkg:socket/skills-sh/mukul975%2FAnthropic-Cybersecurity-Skills%2Fanalyzing-pdf-malware-with-pdfid%2F@09356ec30aa30996f90c3ed67d8bf524771470a0
Security Audit — socket — analyzing-pdf-malware-with-pdfid