Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Academic Formula Converter

v1.0.0

Convert LaTeX math formulas in Markdown to styled docx or HTML documents with Unicode symbol support for academic use.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (LaTeX -> docx/html) matches the provided code and instructions. Required dependencies listed (python-docx, markdown) align with imports used. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md usage (running the included Python script, installing python-docx and markdown) matches runtime behavior. Minor inconsistency: SKILL.md and the CLI accept an --images directory, but the script does not use the images_dir when resolving image links (it uses the path from the markdown directly). The script reads local input markdown and any local image paths referenced, which is expected for a converter but means it will access files on the host filesystem referenced by the markdown.
Install Mechanism
Instruction-only skill with no install spec; dependencies are standard PyPI packages and are listed in SKILL.md. No downloads from arbitrary URLs or archive extraction are present.
Credentials
No environment variables, credentials, or external tokens are requested. The script does not read environment variables or external config.
Persistence & Privilege
Skill is not always-enabled and does not request elevated or persistent privileges. It does not modify other skills or system-wide agent settings.
Assessment
This skill appears to do what it says: converting Markdown with LaTeX formulas into styled docx or HTML. Before installing/using it:
1) install the listed Python packages (pip install python-docx markdown);
2) be aware the tool will read the input markdown and any image file paths referenced in that markdown (it will not fetch remote images), so avoid pointing it at sensitive local files unless you intend to include them;
3) note a small implementation mismatch: the --images option is accepted but not actually used to resolve image links, so ensure image paths in your markdown are correct or adjust the script if you need image-directory handling;
4) there are no network calls or credential requirements in the code, so risk is limited to local file access and standard Python package installation.

Like a lobster shell, security has layers — review code before you run it.
