Md2pdf WeasyPrint
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
On first run, the conversion may modify the local Python environment or system font packages; those dependencies come from package repositories rather than only the reviewed skill files.
If required packages or fonts are missing, the script downloads and installs them at runtime using unpinned package names and automatic package-manager confirmation.
python3 -m pip install -q markdown weasyprint ... yum install -y -q google-noto-sans-cjk-fonts
For tighter control, install dependencies in a virtual environment or container, pin package versions, and avoid automatic system package installation unless you trust the environment.