Skill v1.0.0

ClawScan security

Pdf Text Extract · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 14, 2026, 9:18 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code matches its stated purpose (extracting text from PDFs with PyPDF2); no network calls or secret access are present, but there are small packaging/instruction mismatches you should fix before use.
Guidance
This skill appears to do what it says: the included tool reads a local PDF and outputs plain text using PyPDF2, with no network activity or secret access. Before installing/using:
1) Note SKILL.md shows python pdf_text_extract.py but the shipped file is tool.py — either rename the file or call python tool.py.
2) Ensure PyPDF2 is installed in the environment (pip install PyPDF2) because the skill doesn't provide an installer.
3) Run the script in a restricted/sandboxed environment the first time and avoid running it as root.
4) If you plan to use it in automation, confirm error handling and file permissions meet your needs.
These are usability/packaging issues rather than security red flags.

Review Dimensions

Purpose & Capability
note: The skill claims to extract PDF text using PyPDF2 and the included tool.py implements exactly that. However, the SKILL.md usage examples reference a different filename (pdf_text_extract.py) and the README does not declare the PyPDF2 dependency — a packaging/documentation mismatch rather than a capability mismatch.
Instruction Scope
ok: Runtime instructions only describe running a local Python script and writing output to stdout or a file. The instructions do not ask the agent to read unrelated files, access environment variables, or send data externally. The only issue is the incorrect script name in SKILL.md (tool is shipped as tool.py).
Install Mechanism
ok: There is no install spec (instruction-only with an included code file). No network downloads or archive extraction are performed by the skill itself. The only runtime dependency is PyPDF2, which is not installed by the skill and must be managed externally.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. The code only reads the specified local PDF and optionally writes a local text file — no credential or secret access is requested or used.
Persistence & Privilege
ok: The skill does not request persistent or elevated privileges; always is false and it does not modify other skills or system-wide settings. It only runs as a user process and writes output to the specified path.