Back to skill
Skillv1.0.0
ClawScan security
PDF Generation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 6, 2026, 7:48 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The instructions, required artifacts, and suggested tools align with the stated goal of generating PDFs from HTML/CSS and do not ask for unrelated credentials or system access.
- Guidance
- This skill is an instruction-only guide for producing better print PDFs from HTML/CSS and is internally consistent. Before using: ensure any CLI tools the agent runs (weasyprint, wkhtmltopdf, puppeteer, pip/npm installs) come from sources you trust; running suggested install commands will install third-party software on your machine. Because the skill contains executable command examples, only allow it to run those commands if you trust the environment and the agent's actions.
Review Dimensions
- Purpose & Capability
- okName/description match the content: SKILL.md is focused on print/CSS layout techniques and recommends PDF generation tools (WeasyPrint, wkhtmltopdf, Puppeteer, Pandoc), which are appropriate for the stated purpose.
- Instruction Scope
- okInstructions are limited to CSS guidance, templates, checklists, and example CLI commands (weasyprint input.html output.pdf). They do not instruct reading unrelated system files, accessing environment variables, or exfiltrating data.
- Install Mechanism
- okThis is an instruction-only skill with no install spec and no code files. It only suggests common package installs (brew/pip/npm) and a vendor download for wkhtmltopdf, which is proportional and expected for PDF tooling.
- Credentials
- okThe skill declares no required environment variables, credentials, or config paths. The instructions do not reference secrets or unrelated services.
- Persistence & Privilege
- okalways is false and the skill does not request persistent system privileges or modify other skills or system-wide settings.