Render Stl Png

Security checks across malware telemetry and agentic risk

Overview

The skill appears to do the advertised STL-to-PNG rendering. The main thing to notice is that its wrapper creates a cached Python environment and installs Pillow when used.

This looks like a narrow rendering utility. Before installing, be aware that the recommended shell wrapper may download Pillow into a persistent local virtual environment, and choose input and output paths deliberately.

VirusTotal

65/65 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

First use may download Python package code into a local cache; future package-index changes could affect the environment created by the wrapper.

Why it was flagged

When the recommended wrapper is used, it installs or upgrades packages in a cached virtual environment without a pinned Pillow version or lockfile in the artifacts.

Skill content

"$VENV/bin/pip" install --upgrade pip >/dev/null
"$VENV/bin/pip" install pillow >/dev/null

Recommendation

Use the wrapper only in a trusted environment, or pin dependency versions if repackaging or deploying this skill more strictly.