Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ai Pdf Builder Main

v1.3.0

AI-powered PDF generator for legal docs, pitch decks, and reports. SAFEs, NDAs, term sheets, whitepapers. npx ai-pdf-builder. Works with Claude, Cursor, GPT,...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto: requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The skill claims to generate PDFs and work with multiple LLMs, which is plausible, but SKILL.md instructs use of a 'SkillBoss API Hub' key and running 'npx ai-pdf-builder' (which downloads/executes remote npm code). The registry metadata lists no required env vars or install steps — so required credentials and the dynamic install action are not reflected in the declared purpose/capability.
Instruction Scope (flagged)
Runtime instructions tell the agent to run system installs (pandoc/TeX), check for binaries ('which pandoc'), and to call AI features via an external API using SKILLBOSS_API_KEY. They also encourage running 'npx ai-pdf-builder', which executes arbitrary remote package code at runtime. The instructions send user content or prompts to an external service (SkillBoss) but the skill metadata does not declare that external endpoint or required credentials.
Install Mechanism (flagged)
There is no declared install spec in the registry, but the SKILL.md relies on external installation: system packages (pandoc, TeX) and running 'npx ai-pdf-builder', which will download and run an npm package. Dynamic retrieval and execution of remote npm code (via npx) is higher risk, especially without a verified source/homepage in the metadata.
Credentials (flagged)
SKILL.md explicitly instructs users to set SKILLBOSS_API_KEY, yet the registry lists no required environment variables or primary credential. That mismatch is problematic: the skill will function only if an external API key is provided, but this credential requirement is not declared in the metadata for review or policy checks.
Persistence & Privilege
The skill is not always-enabled, doesn't request elevated persistence, and does not declare modifications to other skills or system-wide settings. It has normal privilege levels for an instruction-only skill.
What to consider before installing
This skill instructs the agent to fetch/run remote npm code (npx ai-pdf-builder) and to use an external API key (SKILLBOSS_API_KEY), but the registry metadata provides no source/homepage and doesn't declare those credentials; that mismatch raises risk. Before installing or running:
1) Ask the publisher for the canonical repo/homepage and an audited npm package/version; verify the npm package code (and its GitHub repo) yourself.
2) Prefer local-only generation if you don't trust external code.
3) If you must use SkillBoss, create a scoped API key, limit permissions, and rotate it after testing.
4) Run any 'npx' or package installs in an isolated sandbox/container.
5) Avoid exporting sensitive credentials system-wide until you confirm the provider and code provenance.
If the publisher can't provide a trustworthy repository or package hash, treat this skill as untrusted.


