Skill v0.1.0
ClawScan security
Pdf · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 11, 2026, 8:36 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only PDF toolkit whose requirements and instructions are consistent with its stated purpose and do not request unrelated credentials or persistent privileges.
- Guidance: This skill appears coherent for PDF processing. Before installing:
  1) Note the source is unknown and there's no homepage—prefer skills from known authors if you need higher assurance.
  2) The instructions will read and write local files (PDFs, images)—do not let the skill access directories containing sensitive documents unless you trust it.
  3) The guide assumes you have system dependencies (poppler, tesseract) and Python packages; install those from official package repositories.
  4) Examples show decrypting PDFs with a password—the skill itself doesn't request secrets, but you will need to supply passwords if decrypting protected files; avoid embedding real secrets in example code.
  5) If you want stronger assurance, request the author/source code or run the workflow in an isolated environment (container or VM) before giving it access to sensitive PDFs.
Review Dimensions
- Purpose & Capability: ok. Name/description (PDF extraction, merging, creation, forms) align with the SKILL.md examples: pypdf, pdfplumber, reportlab, pdftotext/qpdf/pdftk, pytesseract/pdf2image for OCR. All referenced libraries and commands are appropriate for PDF processing.
- Instruction Scope: note. SKILL.md contains concrete code and CLI examples that operate on local PDF files (read, write, merge, OCR, decrypt with provided password example). This is expected for the stated purpose, but the doc implicitly reads and writes arbitrary file paths (e.g., watermark.pdf, input.pdf). There are no instructions to read unrelated system config or environment variables, but the guide references external helper files (reference.md, forms.md) that are not included.
- Install Mechanism: ok. No install spec (instruction-only), which reduces installer risk. The guide implicitly requires Python packages (pypdf, pdfplumber, reportlab, pandas, pytesseract, pdf2image) and system utilities (poppler/pdftotext, qpdf, pdftk, tesseract). Those are standard for PDF work but are not enumerated as required installs—user should ensure those dependencies are installed from trusted sources.
- Credentials: ok. The skill declares no environment variables, no credentials, and no config paths. The examples include a qpdf decrypt example with an inline password literal (mypassword) which is illustrative only; nothing in the manifest requests secrets or unrelated credentials.
- Persistence & Privilege: ok. "always" is false and model invocation is allowed (platform default). The skill is instruction-only and does not request persistent/system-wide privileges or change other skills' configs.
