Skill v1.0.0
ClawScan security
pymupdf · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 27, 2026, 3:15 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: its code, CLI, and runtime instructions match the stated purpose of rendering and extracting images from PDFs and do not request unrelated credentials or system access.
- Guidance: This skill appears coherent and limited to operating on local PDF files. Before installing or running it, consider: 1) The script will open and process whatever PDF path you provide and will write files to the specified output directory; verify paths and permissions. 2) The SKILL.md recommends installing the PyMuPDF package from PyPI; install packages in a virtualenv/container and pin versions to reduce supply-chain risk. 3) Parsing untrusted PDFs can trigger vulnerabilities in native libraries; avoid running on untrusted documents on sensitive systems. 4) There are no network calls or credential requests in the code, so it does not exfiltrate data by itself, but always review any third-party package you install. If you want extra safety, run the tool in an isolated environment (VM, container, or dedicated sandbox) and inspect the PyMuPDF package version before installation.
Review Dimensions
- Purpose & Capability: ok. Name, description, SKILL.md, and the included scripts all align: the CLI opens a local PDF, reports info, renders pages to images, and extracts embedded image streams. The only required binary is python3 and no credentials or unrelated tools are requested.
- Instruction Scope: ok. SKILL.md instructs running the provided CLI and to ensure the PDF path is local. It does not direct the agent to read unrelated files, access environment variables, or transmit data externally. It does recommend installing the dependency with pip if missing, which is expected for a Python-based tool.
- Install Mechanism: ok. There is no automated install spec (instruction-only), so nothing is written to disk by the skill itself. The README suggests 'pip install pymupdf' when needed, a normal, low-risk developer action. No downloads from arbitrary URLs or archive extraction are present.
- Credentials: ok. No environment variables, credentials, or config paths are required. The script only accesses the input PDF path and writes to the user-specified output directory, which is proportional to the declared functionality.
- Persistence & Privilege: ok. The skill does not request always:true and makes no modifications to other skills or global agent configuration. Normal autonomous invocation is allowed by default but this is standard and not combined with other privileges.
