Luke Pdf Read Summarize
Pass. Audited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill
Name: luke-pdf-read-summarize
Version: 1.0.2
The skill is classified as suspicious due to the presence of a hardcoded API token in 'upload.sh' and the use of dynamic code execution. The tool 'pdf-read-summarize.tool.js' writes a temporary Python script to '/tmp' and executes it via 'child_process.spawn'. While the tool includes some security measures like page/character limits and basic path sanitization to prevent shell injection, the hardcoded credential and the practice of generating/executing scripts at runtime are significant security flaws. The logic appears aligned with PDF summarization, but the specific regex in 'extractKeyData' suggests it is highly specialized for parsing Chinese corporate resumes.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who receives the skill package may see or misuse the embedded ClawHub credential, potentially affecting the publisher account or skill upload workflow.
The artifact includes a hardcoded bearer token and uses it for ClawHub API authentication, which is unrelated to reading or summarizing PDFs.
API_TOKEN="clh_..." ... -H "Authorization: Bearer $API_TOKEN"
Remove upload.sh from the distributed skill, revoke and rotate the exposed token, and use environment variables or a separate authenticated publishing process instead.
Although not shown as automatically executed, the extra upload helper increases supply-chain risk and could confuse users or maintainers about what belongs in the installed skill.
A publishing helper that zips and uploads the skill is bundled with the runtime artifacts, but this behavior is not part of the stated PDF-summary capability.
# Upload skill to ClawHub ... zip -r luke-pdf-read-summarize.zip . ... https://api.clawhub.ai/api/v1/skills/upload
Exclude publishing/developer scripts from the published package and keep runtime artifacts limited to the PDF tool and documentation.
Processing a PDF will execute local Python code and rely on the local PyMuPDF installation.
The tool runs a generated Python script to extract PDF text. This is purpose-aligned and does not use a shell, but it is still local code execution.
const pythonProcess = spawn('python3', [scriptPath, path], { ... });
Declare python3/PyMuPDF requirements, use safe temporary-file creation, and run the tool only in trusted environments with intended PDF files.
