Skill v1.0.1

ClawScan security

Bookify - Convert Markdown to PDF or EPUB · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 11, 2026, 5:41 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and instructions match its stated purpose (converting Markdown to PDF/EPUB with md-bookify); nothing requested is out of scope, but it runs npm packages at runtime, which carries the usual supply-chain considerations.
Guidance
This skill is coherent for converting Markdown to PDF/EPUB, but it runs npm packages via npx at runtime. Before using it, verify the md-bookify@2.2.1 package reputation and source (check the npm package page and recent release notes), ensure the execution environment has Node >= 20 and is trusted, and consider running conversions in a sandboxed or limited-permission environment. If you prefer not to fetch code at runtime, preinstall the package versions you trust on the host and ensure Chromium is available to avoid on-demand downloads.

Review Dimensions

Purpose & Capability
ok
The name and description say 'convert Markdown to PDF or EPUB using md-bookify', and the instructions explicitly invoke npx md-bookify@2.2.1 and (when needed) npx puppeteer to install Chromium. The required tools, paths, and credentials are consistent with that purpose.
Instruction Scope
ok
SKILL.md only tells the agent to locate/read Markdown files (via Glob/Read) and run md-bookify (and optionally puppeteer to install Chromium). These actions are proportionate to converting Markdown files; there are no instructions to access unrelated system files, credentials, or external endpoints beyond npm-driven package fetches and the normal package runtime behavior.
Install Mechanism
note
This is an instruction-only skill with no install spec, but it relies on npx to fetch and execute md-bookify@2.2.1 and puppeteer@24 at runtime from the npm registry. Fetching and executing packages on demand is coherent for this task but carries typical supply-chain risk (remote code execution from npm). The SKILL.md pins versions, which reduces some risk, but users should still verify the package and version.
Credentials
ok
No environment variables or secrets are requested. The only environmental requirements are Node >= 20, the ability to run npx, and (optionally) downloading Chromium via puppeteer. Those are appropriate for running an npm-based converter and for rendering PDFs.
Persistence & Privilege
ok
The skill is not always-enabled, doesn't request persistent system-wide changes, and doesn't ask to modify other skills' configs. It will run packages at execution time but does not claim elevated or persistent privileges.