PDF Simple Tool
v1.2.0PDF splitting and PDF-to-Word conversion tools implemented in Node.js.
⭐ 1· 144·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the included code: index.js implements splitPdf and pdfToWord using pdf-lib, pdf-parse, and docx. Required resources (none) align with a local file-processing tool.
Instruction Scope
SKILL.md tells the agent to call the Node functions with absolute input/output paths and to run npm install in the skill folder. The runtime behavior is limited to reading the specified PDF and writing output files; there are no instructions to read other unrelated system state or transmit data externally. Caveat: the skill necessarily requires the agent to be allowed to read arbitrary filesystem paths the user requests, so ensure the agent is only asked to access files you permit.
Install Mechanism
There is no platform-level install spec (instruction-only), but the skill includes a Node project and SKILL.md instructs running npm install. The package-lock references packages resolved from an npm mirror (registry.npmmirror.com) — common in some regions but worth noting; running npm install will fetch third-party packages, so audit dependencies or run in an isolated environment if you have concerns.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The libraries used are standard PDF and docx processing packages; there is no disproportionate secret access requested.
Persistence & Privilege
always is false and the skill does not attempt to modify other skills or global agent settings. It only reads and writes the files specified as input/output and has an optional CLI entrypoint for local testing.
Assessment
This skill appears to do exactly what it says: split PDFs and produce a simple .docx of extracted text. Before installing, consider: 1) run npm install and usage in an isolated/sandboxed environment (or inspect node_modules) to limit risk from third-party packages; 2) review the package-lock or run npm audit if you need to check dependency supply-chain issues; 3) be mindful that the agent will need filesystem access to any absolute paths you pass (don’t point it at sensitive files you don’t want processed); 4) if you prefer a specific npm registry, ensure your npm config is set before running npm install (the lockfile references an npm mirror). If those cautions are acceptable, the skill is coherent and suitable for local PDF tasks.Like a lobster shell, security has layers — review code before you run it.
latestvk97f8edaaffhvaa40v3a1gaeds83mvj8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.