Skill v2.2.0
ClawScan security
Md To Share · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 28, 2026, 5:42 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are coherent with its stated purpose (converting Markdown to long images); it does not request unrelated credentials or hidden network endpoints, but it will install/run Playwright/Chromium (large binary) and write image files to disk — review before running in sensitive environments.
- Guidance: This skill appears to do what it says: convert Markdown to long images using Playwright. Before installing/using it, consider: (1) it depends on Playwright and its postinstall will download Chromium (large binary and network activity) — run npm install in a controlled environment; (2) the tool writes screenshots to disk, so avoid passing paths to sensitive files you don't want rendered; (3) OpenClaw agents will compress images (SKILL.md and docs already note two compression layers) — use the openclaw preset (1200px/5MB) if you want to avoid downstream compression; (4) review package.json and md2img.mjs if you operate under strict security policies; otherwise the skill is internally consistent and does not request unrelated credentials or hidden remote endpoints.
Review Dimensions
- Purpose & Capability (ok): Name/description (Markdown → long image) match the included files and runtime: md2img.mjs reads .md, renders HTML in Playwright Chromium, screenshots to JPEG/PNG, and implements splitting/themes. Declared presets and channel behaviors align with the implementation.
- Instruction Scope (ok): SKILL.md limits runtime actions to parsing a markdown file, launching an isolated Playwright Chromium, rendering, producing image files, and providing examples for sending via agent message tooling. It does not instruct reading unrelated system files or exfiltrating environment variables. It does reference OPENCLAW-specific env vars for auto-detection (expected for agent integration).
- Install Mechanism (note): There is no registry install spec, but package.json includes dependencies on 'playwright' and a postinstall script ('npx playwright install chromium'), which will download a large Chromium binary from Playwright distribution hosts when npm install is run. This is expected for Playwright-based tools but is resource-heavy and performs network downloads during install — review before running in restricted or air-gapped environments.
- Credentials (ok): The skill requests no required env vars or credentials. Optional env vars mentioned (CHROME_PATH, MD2IMG_TIMEOUT, OPENCLAW_* detection) are reasonable for customizing browser path/timeouts and environment detection. No unrelated secrets or multiple external tokens are requested.
- Persistence & Privilege (ok): The skill does not request persistent/system-wide privileges. The `always` flag is false and it does not modify other skills or system configuration. It writes output image files to paths supplied by the caller (expected behavior).
