ClawHub

Protect PDF with password

v1.0.0

Add password protection to a PDF by uploading it to the Solutions API, polling until completion, then returning a download URL for the protected PDF.

0· 1.1k·0 current·0 all-time
by@crossservicesolutions

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for crossservicesolutions/password-protect-pdf.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Protect PDF with password" (crossservicesolutions/password-protect-pdf) from ClawHub.
Skill page: https://clawhub.ai/crossservicesolutions/password-protect-pdf
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install crossservicesolutions/password-protect-pdf

ClawHub CLI

Package manager switcher

npx clawhub@latest install password-protect-pdf
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description, SKILL.md, README, and included Python script all consistently implement uploading a PDF and password to the Cross‑Service‑Solutions API and polling for a result. However the registry metadata lists no required environment variables while the SKILL.md and script clearly require an API key (SOLUTIONS_API_KEY or passed via --api-key). This is an inconsistency in declared requirements (not necessarily malicious, but unexpected).
Instruction Scope
SKILL.md instructions and the script remain scoped to: accept PDF + password, upload them to the stated API, poll job status, and return the download URL. The skill does not instruct reading unrelated files, scanning system config, or exfiltrating other environment variables. The SKILL.md explicitly warns not to echo the API key or the password.
Install Mechanism
There is no install spec (instruction-only), which is lowest-risk for installation. However the package includes a Python script and requirements.txt that depends on requests>=2.32.0 — nothing suspicious, but the presence of runnable code without an install specification is a transparency/packaging mismatch you may want to clarify (how the platform will run or use the script).
Credentials
The only secret the skill needs is the Solutions API key (used as a Bearer token), which is proportionate to the stated purpose. That said, the registry metadata did not declare any required env vars while SKILL.md and the script require SOLUTIONS_API_KEY (or --api-key). Confirm the platform will not try to auto-provision or expect other credentials.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not attempt to modify other skills or system settings. It uses only http and file operations appropriate to its stated function.
What to consider before installing
This skill appears to do exactly what it says (send your PDF and chosen password to the Solutions API and return a protected-file URL), but verify three things before using it with sensitive documents: (1) confirm and trust the external service domain (https://api.xss-cross-service-solutions.com and https://login.cross-service-solutions.com) and its privacy/data-retention policy — your PDF and password are sent to that third party; (2) provide the API key only if you trust the service, and note the registry metadata did not declare the required env var (SOLUTIONS_API_KEY) — double-check how your agent will supply that key; (3) clarify how the included Python script will be used by the platform (it lists requests in requirements.txt but there is no install spec). If you are uncomfortable sending files/passwords to a remote service, use a local PDF tool that performs encryption on your machine instead.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e82y1e0w4er08gxaka9yyss80tc7n
1.1kdownloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@crossservicesolutions
latest
Download

password-protect-pdf

Purpose

This skill password-protects a PDF by:

  1. accepting a PDF file from the user,
  2. accepting a password from the user,
  3. uploading both to the Solutions API,
  4. polling the job status until it is finished,
  5. returning the download URL for the password-protected PDF.

Credentials

The API requires an API key used as a Bearer token:

  • Authorization: Bearer <API_KEY>

How the user gets an API key:

Rule: never echo or log the API key.

API endpoints

Base URL:

  • https://api.xss-cross-service-solutions.com/solutions/solutions

Create password-protect job:

  • POST /api/32
  • multipart/form-data parameters:
    • file (PDF-Datei) — required — PDF file
    • userPass (Passwort) — required — string password

Get result by ID:

  • GET /api/<ID>

When done, the response contains:

  • output.files[] with { name, path } where path is a downloadable URL.

Inputs

Required

  • PDF file (binary)
  • Password (userPass, string)
  • API key (string)

Optional

  • None

Output

Return a structured result:

  • job_id (number)
  • status (string)
  • download_url (string, when done)
  • file_name (string, when available)

Example output:

{
  "job_id": 321,
  "status": "done",
  "download_url": "https://.../protected.pdf",
  "file_name": "protected.pdf"
}

Comments

Loading comments...