Md2pdf WeasyPrint
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: md2pdf-weasyprint Version: 2.0.0 The OpenClaw skill 'md2pdf-weasyprint' is designed for converting Markdown files to PDF. Analysis of `SKILL.md`, `scripts/convert-weasyprint.sh`, and `scripts/convert-weasyprint.py` reveals no evidence of malicious intent, data exfiltration, persistence mechanisms, or prompt injection attempts. The `SKILL.md` provides clear, functional instructions. The bash script handles dependency installation (Python packages via `pip` and system fonts via `yum`) which are standard and necessary for the skill's operation. The Python script uses legitimate libraries (`markdown`, `weasyprint`) for the conversion process without introducing any unsafe execution or file operations. All actions are directly aligned with the stated purpose of Markdown to PDF conversion.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
On first run, the conversion may modify the local Python environment or system font packages; those dependencies come from package repositories rather than only the reviewed skill files.
If required packages or fonts are missing, the script downloads and installs them at runtime using unpinned package names and automatic package-manager confirmation.
python3 -m pip install -q markdown weasyprint ... yum install -y -q google-noto-sans-cjk-fonts
For tighter control, install dependencies in a virtual environment or container, pin package versions, and avoid automatic system package installation unless you trust the environment.