MinerU PDF Parser
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill coherently uses MinerU’s API to parse documents, but it requires a MinerU token and sends selected document content or URLs to an external service.
This looks like a straightforward instruction-only API workflow. Install/use it only if you are comfortable providing a MinerU API token and sending the chosen documents or URLs to MinerU for processing; avoid submitting confidential files unless you have reviewed the provider’s privacy and retention practices.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any process with access to that token may be able to use the user’s MinerU API quota or account permissions.
The skill relies on a MinerU bearer token and recommends storing it as an environment variable. This is purpose-aligned for calling the MinerU API, but it is still an account credential that should be protected.
Authorization: Bearer $MINERU_TOKEN ... export MINERU_TOKEN="your_api_key_here"
Use a MinerU token with the minimum needed permissions if available, keep it out of shared files/logs, and rotate it if it may have been exposed.
Private PDFs, Office files, images, or document URLs submitted for parsing may be processed and stored according to MinerU’s service policies.
The workflow sends document URLs and, for batch parsing, uploads files to MinerU-provided presigned URLs. This is central to the skill’s document-parsing purpose, but it means selected documents leave the local environment.
curl -X POST "https://mineru.net/api/v4/extract/task" ... "url": "https://arxiv.org/pdf/2410.17247" ... 上传文件到返回的 presigned URLs
Before using the skill on sensitive documents, review MinerU’s privacy/retention terms and only submit files you are comfortable sending to that external service.