Skill v1.0.0

ClawScan security

universal-pdf-vision-parser · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 3, 2026, 1:12 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The skill's code and SKILL.md clearly require an external DashScope (Qwen‑VL‑Max) API key and Python packages, but the registry metadata declares no credentials or installs — that mismatch and the use of an external multimodal API to which full page images are uploaded are the main concerns.
Guidance
This skill appears to do what it says (convert PDF pages to images and send them to Qwen‑VL‑Max for transcription), but there are two issues to consider before installing:

- Metadata mismatch: The registry claims no required credentials, but the SKILL.md and script require a DashScope API key (DASHSCOPE_API_KEY or --api-key) and Python packages. Confirm the registry/provider and why credentials/dependencies were omitted.
- Data exposure: The skill uploads full page images (base64 PNGs) to an external service. Do not run it on sensitive or confidential PDFs unless you trust the DashScope endpoint and have reviewed its privacy/billing/retention policies. Consider using local OCR alternatives for sensitive data.

Recommended actions:

- Verify the skill's source and author (no homepage and unknown source are risk indicators).
- Confirm API key scope and permissions (least-privilege) and monitor billing/usage for unexpected activity.
- Test with non-sensitive documents first and inspect network activity if possible.
- If you need stronger assurance, ask the publisher to update registry metadata to declare required env vars and dependencies, and provide a canonical homepage or repo.

Review Dimensions

Purpose & Capability
concern: The skill's name, description, SKILL.md, and code all align: converting PDF pages to images and sending them to Qwen‑VL‑Max for transcription. However, the registry metadata claims no required env vars or credentials while SKILL.md and the script require a DashScope API key (either via --api-key or DASHSCOPE_API_KEY). This metadata omission is an incoherence worth flagging.
Instruction Scope
ok: The runtime instructions and the script remain within the stated purpose: render PDF pages to PNG, base64-encode them, send them plus a transcription prompt to a multimodal API, and write Markdown. The agent is not instructed to read unrelated files or system state.
Install Mechanism
note: There is no formal install spec in the registry (instruction-only), but SKILL.md tells the user to pip install pymupdf and dashscope. That is typical for a Python-based, instruction-only skill, but the lack of declared dependencies in the registry is another metadata inconsistency.
Credentials
concern: The code expects an API key (DASHSCOPE_API_KEY or CLI --api-key) to call an external service; this is proportionate to the function. The concern is that the registry lists no required credentials. Also note that the skill transmits full-page base64 images to a third-party API — that is necessary for the stated purpose but has privacy/breach implications for sensitive documents.
Persistence & Privilege
ok: The skill does not request always:true, does not modify other skills or system-wide settings, and does not persist credentials beyond setting dashscope.api_key at runtime. No elevated or permanent privileges are requested.