Skill v1.0.5
ClawScan security
U2-doc-parser · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 21, 2026, 10:31 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, docs, and runtime instructions align with its stated purpose (uploading documents to UniDoc UAT for conversion); the main risk is expected privacy exposure because files are sent to a third‑party test endpoint.
- Guidance: This skill appears to do exactly what it says: it uploads the file you provide to the UniDoc UAT service for conversion and returns Markdown/JSON. Before installing or using it, consider:
  1. Do not upload sensitive or confidential documents — the skill explicitly sends files to a third‑party UAT endpoint without requiring authentication.
  2. If you need to use a private UniDoc instance, set UNIDOC_BASE_URL (and UNIDOC_API_KEY if required) in a controlled environment.
  3. Run this in an isolated environment and inspect the script if you have stricter privacy requirements.
  4. Ensure the 'requests' dependency is installed and, if running non-interactively, avoid using HTTP endpoints that cause the script to prompt for confirmation.
  If you want stronger privacy guarantees, obtain a trusted/production UniDoc endpoint with authentication or run an on-premise parser instead.
- Findings: [NO_PRESCAN_ISSUES] expected: No pre-scan injection signals were detected. Presence of a network-uploading script is expected for a document-parsing skill that uses a remote API.
Review Dimensions
- Purpose & Capability
  - ok: Name and description (convert documents via UniDoc API) match the included files (README, SKILL.md, scripts/unidoc_parse.py). The skill requires no unrelated binaries or credentials; optional env vars (UNIDOC_BASE_URL, UNIDOC_API_KEY) are consistent with configuring the API endpoint.
- Instruction Scope
  - ok: Runtime instructions and the included Python script only perform operations consistent with the stated purpose: validate and read a user-supplied file, upload it to the UniDoc endpoints, poll status (for async), and fetch converted output. The README/SKILL.md explicitly warn that documents are uploaded to an external UAT endpoint and advise not to use sensitive documents.
- Install Mechanism
  - ok: No install spec; the skill is instruction+code only. It requires the standard 'requests' Python library (documented). No downloads from untrusted URLs or archive extraction are present in the manifest.
- Credentials
  - note: The skill declares no required credentials. It optionally reads UNIDOC_BASE_URL and UNIDOC_API_KEY, which are reasonable for configuring the service. The primary privacy concern is deliberate: the skill uploads files to an external UniDoc UAT server (no auth), which the documentation repeatedly warns about — this is expected for the skill but has privacy implications.
- Persistence & Privilege
  - ok: Skill is not always-enabled and does not request elevated or persistent system privileges. It does create output directories if needed and validates output paths, but it does not modify other skills or system-wide agent settings.
