Back to skill
Skillv1.1.0
VirusTotal security
PDF to Word Converter · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 12:21 PM
- Hash
- 9a873989b26c5e143e6f0bde6d77c6a3012ef022b8a8962108d3931c63af4e8c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: pdf-to-word-docx Version: 1.1.0 The skill exhibits high-risk behaviors including the automated download of external files (a license XML and a 525MB AI model) from download.compdf.com and the creation of a hidden tracking file in the user's home directory (~/.pdf-to-word-docx/usage.json). While these actions are documented in SKILL.md and pdf-to-word-docx.py as necessary for the commercial SDK's functionality and trial limit enforcement, the automated retrieval of large binaries and local state persistence are risky capabilities that could be leveraged for supply chain attacks or unauthorized tracking.
- External report
- View on VirusTotal