Skill v1.0.0

ClawScan security

Mineru Pdf · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 13, 2026, 5:23 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements are consistent with a PDF-parsing wrapper for MinerU MCP and do not request unrelated credentials or suspicious installs.
Guidance
This skill appears to do what it says: parse PDFs via MinerU MCP or the included Python wrapper. Before installing or running it: (1) ensure you trust the uvx/mcp-mineru package source and be aware that model downloads may occur on first use; (2) run parse.py with an explicit output_dir to avoid accidental writes to sensitive locations; (3) do not run test.sh without inspecting or replacing its default PDF path (it points to an inbound media file under ~/.openclaw); and (4) if you need stronger isolation, run the tool in a sandbox or VM since it will create persistent files and may download model artifacts.

Review Dimensions

Purpose & Capability
ok
Name/description match the included files and instructions: the SKILL.md and parse.py call MinerU components (via uvx/mcp-mineru or direct Python), and the declared required binary (uvx) is actually used in examples. There are no unrelated binaries or unexpected credential requests.
Instruction Scope
note
Instructions focus on parsing PDFs and saving outputs. parse.py reads a user-supplied PDF and writes parsed files to an output directory (persistent storage). Note: examples use absolute local paths (e.g., /Users/lwj04/...), and test.sh has a default PDF path under .openclaw/media/inbound; running test.sh unmodified could act on that inbound file. This behavior is expected for a parsing tool, but users should be aware that it writes persistent files and that example paths are hard-coded.
Install Mechanism
ok
No registry install spec is required by the platform; SKILL.md recommends installing via uvx / mcp-mineru (a package-managed installation). There are no downloads from unknown URLs or archive extractions in the skill files themselves.
Credentials
ok
The skill declares no environment variables or credentials and only depends on the uvx binary and the MinerU Python package. That is proportionate for a PDF-parsing wrapper which either invokes uvx/mcp-mineru or imports mineru modules.
Persistence & Privilege
ok
always is false and the skill does not request elevated system-wide privileges or modify other skills' configs. It writes output files to user-specified directories (intentional persistence), which is expected for this use case.