ClawHub

word-to-pdf

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local Word-to-PDF converter with no evidence of hidden data sharing, persistence, or unrelated system access.

Install dependencies from trusted sources, ideally in a virtual environment. Use this only on documents you intentionally select, and expect basic text, heading, and list conversion rather than full Word layout, images, tables, or guaranteed emoji preservation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The code generally matches the stated purpose of converting .docx to PDF using reportlab, and its font discovery for Chinese text is consistent with that purpose. However, the description materially overstates behavior by claiming proper formatting preservation and emoji support. The implementation only extracts paragraph text and applies very basic handling for headings and simple list styles; it does not preserve rich Word formatting such as runs, bold/italic, tables, images, page layout, numbering continuity, or most document structure. Emoji support is also not actually ensured, since the code only searches for a few Chinese fonts and does not implement any dedicated emoji-capable font handling. Because the declared description inaccurately represents the actual behavior in these important ways, this should be flagged as a mismatch.

Natural-Language Policy Violations

Low
Confidence
83% confidence
Finding
The skill README is predominantly written in Chinese and presents usage, warnings, and troubleshooting in that language without indicating any user-selectable language or locale option. Under the policy, forcing a specific language without opt-in can be a natural-language policy violation unless the locale restriction is explicitly justified, which is not stated here.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal