PDF Tools
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: pdf-tools Version: 0.1.0 The OpenClaw AgentSkills skill bundle for PDF tools is classified as benign. All Python scripts (`edit_text.py`, `extract_text.py`, `merge_pdfs.py`, `pdf_info.py`, `rotate_pdf.py`, `split_pdf.py`) perform standard PDF manipulation tasks using well-known libraries (pdfplumber, PyPDF2, reportlab). File operations are limited to reading specified input PDFs and writing output PDFs or text files to designated paths. There are no network calls, attempts to access sensitive system files or environment variables, persistence mechanisms, or obfuscation. The `SKILL.md` and `README.md` files provide clear, benign instructions for using the PDF tools and do not contain any prompt injection attempts to subvert the agent's behavior or access unauthorized data.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing unpinned packages can expose users to dependency changes or compromised package versions, though this setup is clearly disclosed and purpose-aligned.
The skill relies on external PyPI packages installed manually and without pinned versions. This is expected for a Python PDF utility, but users should install from a trusted environment.
pip3 install pdfplumber PyPDF2 reportlab
Install dependencies in a virtual environment and consider pinning known-good versions of pdfplumber, PyPDF2, and reportlab.
If the agent is given the wrong output path, it could overwrite an existing PDF or create files somewhere unexpected.
The editing tool writes to a user-supplied output path. This is necessary for PDF editing, but careless output choices could overwrite or create files in unintended locations.
with open(output_path, 'wb') as f:
writer.write(f)Use clear, new output filenames and keep backups of important PDFs before editing, merging, splitting, or rotating them.