Back to skill
Skillv1.0.0
VirusTotal security
PDF Text Extractor · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:24 AM
- Hash
- bce25305356a20c54387343f24e61513a7a4acc15abd3f5b03faab2da46aed03
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: pdf-text-extractor Version: 1.0.0 The skill is designed to extract text from PDF files and includes basic text processing utilities. The code primarily uses `pdfjs-dist` for PDF parsing and `fs.readFileSync` to read the PDF and its own configuration. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent in the `SKILL.md` or `README.md` files. A notable discrepancy is that the advertised OCR functionality in `SKILL.md` and `README.md` is not implemented in `index.js`, which only extracts embedded text from PDFs. This is a functional flaw, not a security vulnerability. The dependencies listed in `package-lock.json` include some deprecated packages, but these are common in Node.js projects and do not indicate intentional malicious behavior by the skill author.
- External report
- View on VirusTotal