Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Markdown2pdf
v2.1.2
Convert Markdown files to PDF or PNG with customizable professional themes and colored emoji support via CLI or API.
by ClawMem.com (@leohuang8688)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (Markdown→PDF/PNG) matches the shipped code (converter, emoji replacer). However, there are inconsistencies. SKILL.md and the README clearly require the wkhtmltopdf binary, but the registry metadata lists "Required binaries: none"; that omission contradicts the documentation and will surprise users. SKILL.md and the README point to a GitHub repo (leohuang8688/markdown2pdf) while the registry lists the source as unknown, and the published version differs (registry version 2.1.2 vs SKILL.md version 1.0.0), which reduces provenance confidence.
Instruction Scope
Runtime instructions are narrowly scoped to installing Python dependencies, installing wkhtmltopdf, running the CLI and Python API, and running tests. They do not request unrelated system files or external credentials. However, the pre-scan flagged Unicode control characters in SKILL.md (a prompt-injection signal); the file should be inspected for invisible characters that could be used to manipulate downstream tools or agents.
Install Mechanism
There is no platform install spec in the registry (instruction-only), but the package ships an install.sh that runs pip installs (markdown, pdfkit, imgkit) and checks for wkhtmltopdf. Installing Python packages via the provided script is expected for this type of skill, but users should review the script before running it. The skill relies on wkhtmltopdf, an external binary that users must install manually from a trusted source (SKILL.md points to wkhtmltopdf.org). No remote downloads from obscure hosts were observed in the provided files.
Credentials
The skill does not request environment variables, credentials, or config paths. Its runtime behavior (local HTML generation, calling wkhtmltopdf via pdfkit/imgkit) is proportionate to converting markdown to PDF/PNG.
Persistence & Privilege
The skill does not request elevated platform privileges nor set always:true. It includes no code that modifies other skills' configuration. Normal autonomous invocation is allowed by default and is not by itself a concern here.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md content contains unicode control characters that the static scanner flagged as prompt-injection patterns. These characters are not needed for documentation and could be used to influence parsers or agents that consume this file; inspect the SKILL.md raw bytes and remove invisible control characters before trusting automatic ingestion.
What to consider before installing
- Verify provenance: the SKILL.md / README point to a GitHub repo but the registry lists source=unknown and the versions do not match (registry 2.1.2 vs SKILL.md 1.0.0); confirm the repository and maintainer identity (inspect https://github.com/leohuang8688/markdown2pdf) and prefer upstream releases.
- Inspect SKILL.md and other docs for invisible characters (unicode control chars) flagged by the scanner; those should be removed or explained. Invisible control characters are not required for conversion and may be malicious in agent contexts.
- Confirm and install wkhtmltopdf from the official site (https://wkhtmltopdf.org) before using the skill; the registry metadata omitted this required binary. Running the included install.sh will pip-install Python packages but will not install wkhtmltopdf for you.
- Review install.sh and the Python source (src/converter.py and src/emoji_replacer.py) for any network calls or unexpected behavior before running tests. Run tests and the conversion in an isolated/sandboxed environment if possible.
- Because the package includes example output files with financial reports and an email contact, be cautious about any automatic uploading or external-posting behavior if you integrate this skill into an automated pipeline — search the code for HTTP endpoints or credentials usage (none were obvious in the provided excerpts, but a full search is prudent).
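Two of the checks in this list, inspecting SKILL.md for invisible control characters and searching install.sh and the Python sources for network calls, are mechanical enough to script. The following Python is an added example written for this page, not code from the ClawHub scanner or from the Markdown2pdf project. It reports every invisible or direction-changing Unicode character with its position and name, and every URL, HTTP client import, curl/wget call or extra pip index in code files. The sample skill tree it builds is constructed: the file names (SKILL.md, install.sh, src/converter.py) follow the scan's description, but the contents, including the planted zero-width space and right-to-left override, are invented for the demonstration and say nothing about the real package.

```python
"""Pre-install audit of an unpacked skill directory (added example for this
page, not code from the ClawHub scanner or the Markdown2pdf project).  It
scripts two manual checks: (1) report invisible or direction-changing Unicode
characters in every text file with file, line, column, code point and name;
(2) report network indicators (URLs, HTTP client imports, curl/wget, extra pip
indexes) in shell and Python files.  SAMPLE_FILES is constructed demo data."""
import re
import tempfile
import unicodedata
from dataclasses import dataclass
from pathlib import Path

# Categories that render as nothing or rearrange what is rendered: Cf holds
# U+200B ZERO WIDTH SPACE, the BOM and the bidi overrides U+202A..U+202E /
# U+2066..U+2069; Cc is C0/C1 controls; Zl/Zp line and paragraph separators;
# Co/Cn private-use and unassigned.  Tab and CR are ordinary whitespace.
SUSPICIOUS_CATEGORIES = {"Cf", "Cc", "Co", "Cn", "Zl", "Zp"}
ALLOWED_CONTROLS = {"\t", "\r"}
DOC_SUFFIXES = {".md", ".txt"}
CODE_SUFFIXES = {".py", ".sh"}

NETWORK_PATTERNS = [
    ("url", re.compile(r"https?://[^\s'\"<>)]+")),
    ("python-http-client", re.compile(
        r"^\s*(?:import|from)\s+(?:requests|urllib|http\.client|httpx|aiohttp|socket)\b")),
    ("shell-download", re.compile(r"\b(?:curl|wget)\b")),
    ("pip-index", re.compile(r"--(?:index-url|extra-index-url|find-links)\b")),
]

@dataclass(frozen=True)
class Hit:
    path: str
    line: int
    col: int
    kind: str      # "unicode" or "network"
    detail: str

def find_invisible_chars(text: str, path: str = "<text>") -> list[Hit]:
    """One Hit per invisible/control character, with 1-based line and column."""
    hits = []
    # split("\n"), not splitlines(): splitlines() would treat U+000C, U+001C..U+001E,
    # U+0085 and U+2028/U+2029 as line breaks and hide exactly the characters we want.
    for lineno, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            if ch not in ALLOWED_CONTROLS and unicodedata.category(ch) in SUSPICIOUS_CATEGORIES:
                name = unicodedata.name(ch, "<unnamed>")
                hits.append(Hit(path, lineno, col, "unicode", f"U+{ord(ch):04X} {name}"))
    return hits

def find_network_indicators(text: str, path: str = "<text>") -> list[Hit]:
    """One Hit per (line, pattern) pair; one per pattern per line is enough for a reviewer."""
    hits = []
    for lineno, line in enumerate(text.split("\n"), start=1):
        for kind, pattern in NETWORK_PATTERNS:
            m = pattern.search(line)
            if m:
                hits.append(Hit(path, lineno, m.start() + 1, "network", f"{kind}: {m.group(0)}"))
    return hits

def audit_skill(root: Path) -> list[Hit]:
    """Unicode check on docs and code (Trojan Source tricks live in code too); network check on code."""
    hits: list[Hit] = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        if path.suffix not in DOC_SUFFIXES | CODE_SUFFIXES:
            continue
        rel = path.relative_to(root).as_posix()
        text = path.read_bytes().decode("utf-8", errors="replace")
        hits += find_invisible_chars(text, rel)
        if path.suffix in CODE_SUFFIXES:
            hits += find_network_indicators(text, rel)
    return hits

SAMPLE_FILES = {  # constructed demo content; two characters planted in SKILL.md
    "SKILL.md": "# Markdown2pdf\n"
                "Requires the wkhtmltopdf binary from https://wkhtmltopdf.org\n"
                "Run \u200bthe CLI: python -m markdown2pdf in.md out.pdf\n"   # U+200B at column 5
                "Notes\u202e for maintainers: see README\n",                   # U+202E at column 6
    "install.sh": "#!/usr/bin/env bash\nset -e\npip install markdown pdfkit imgkit\n"
                  "if ! command -v wkhtmltopdf >/dev/null; then\n"
                  '  echo "wkhtmltopdf not found; install it from https://wkhtmltopdf.org"\nfi\n',
    "src/converter.py": "import markdown\nimport pdfkit\n\ndef convert(src, dst):\n"
                        "    pdfkit.from_string(markdown.markdown(open(src).read()), dst)\n",
}

def build_sample_skill(root: Path) -> None:
    for rel, content in SAMPLE_FILES.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(content, encoding="utf-8")

def demo() -> list[Hit]:
    """Build the sample tree in a temp dir, audit it, print a grep-style report."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_skill(Path(tmp))
        hits = audit_skill(Path(tmp))
    for h in hits:
        print(f"{h.path}:{h.line}:{h.col} [{h.kind}] {h.detail}")
    return hits

if __name__ == "__main__":
    demo()
```

Point audit_skill() at the unpacked download; an empty list is the clean result. Any Cf hit inside SKILL.md is the kind of character the scanner's unicode-control-chars finding refers to (a UTF-8 BOM at line 1, column 1 will also show up and is harmless). For install.sh, a URL hit on anything other than wkhtmltopdf.org, or any pip-index hit, means the script reaches a host the documentation does not mention.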
If the SKILL.md is cleaned of control characters, the required binary (wkhtmltopdf) is clearly documented in the registry metadata, and the GitHub source/provenance is validated, this assessment would likely move to benign. Until then treat it as suspicious and validate manually.
latest: vk9759awa66n7ve3e17fkjfmp4n8332ht
