Skill v1.0.0
ClawScan security
Compress PDF · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:24 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The code and instructions match the stated purpose (upload PDF, poll job, return download URL) but the skill metadata omits the required API credential and the external service/endpoint is unverified—so proceed with caution.
- Guidance: This skill appears to do what it says (upload your PDF to an external compression API and return a download URL), but note these concerns before installing:
  - The SKILL.md and script require an API key, yet the registry metadata does not declare a primary credential — confirm how you will provide/store the key.
  - The external API domain (api.xss-cross-service-solutions.com) and owner are unverified (no homepage). Verify the service reputation before sending sensitive PDFs or reusing privileged API keys.
  - If you must try it, prefer a non-sensitive test PDF and a dedicated or throwaway API key. Inspect the code yourself (it's small and readable) and consider running the script in a sandboxed environment.
  - Ask the publisher for a homepage, privacy/terms for uploaded files, and an explanation for the missing credential metadata; if you can't verify those, avoid using it with confidential documents.
Review Dimensions
- Purpose & Capability
  - note: The skill's name, SKILL.md, README, and Python script are coherent: they upload a PDF to Cross-Service-Solutions, poll /api/<id>, and return a download URL. However, the registry metadata lists no primary credential or required env vars even though the SKILL.md and script clearly require an API key and optionally use SOLUTIONS_API_KEY and SOLUTIONS_BASE_URL. The skill also has no homepage and an unknown owner, which reduces external verification.
- Instruction Scope
  - ok: Runtime instructions and the script stay within the stated scope: they accept a specified PDF path, upload only that file, poll the stated API, and return results. Allowed tools are http and files, which matches behavior. The instructions explicitly warn not to echo the API key.
- Install Mechanism
  - ok: No install spec (instruction-only plus a helper script). The only dependency is requests in requirements.txt. Nothing is downloaded from arbitrary URLs or written to unexpected system locations.
- Credentials
  - concern: The skill requires an API key (used as a Bearer token) to operate, but the registry metadata did not declare a primary credential or required env var. The script also accepts SOLUTIONS_API_KEY and SOLUTIONS_BASE_URL environment variables. Requesting a single API key is proportionate to the task, but the omission from metadata and lack of an established service homepage/owner is an inconsistency and reduces traceability.
- Persistence & Privilege
  - ok: The skill does not request always:true and has no elevated persistence. It doesn't modify other skills or system-wide settings. Autonomous invocation is enabled (default) but that's normal and not by itself a red flag.
