pdf2jpg
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a straightforward PDF-to-JPEG helper that runs local conversion and zip tools; its main caveat is that required external tools are documented in the skill text but not fully declared in metadata.
Before installing, make sure you are comfortable installing Poppler from your package manager and running local shell scripts that create JPEG and ZIP files from the PDFs you choose. The provided artifacts do not show hidden data access, credential use, or network behavior.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing Poppler changes the local environment and relies on the package manager/source used.
The skill depends on an external PDF conversion package installed through system package managers. This is disclosed and necessary for the stated purpose, but users should install it only from trusted package sources.
Install the `poppler-utils` package before running the scripts ... `sudo apt install -y poppler-utils` ... `brew install poppler`
Use trusted package repositories and review package-manager prompts before installing dependencies.
Running the skill will create image files beside the selected PDF, and the companion zip script can create an archive of those images.
The bundled script executes the local `pdftoppm` command on the user-supplied PDF and writes output images. This local command execution is central to the skill purpose and uses quoted arguments.
cmd=(pdftoppm -jpeg -jpegopt quality=85,optimize=y,progressive=y) ... cmd+=("$pdf" "$out_prefix") ... "${cmd[@]}"Run it only on PDFs you intend to convert, and choose output locations deliberately.