v1.0.1

PDF Report

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:06 AM.

Analysis

The skill is mostly coherent for making PDFs, but its optional custom Jinja2 templates are rendered without a sandbox, so only trusted templates should be used.

Guidance: This skill can be useful for workspace PDF reports, but treat custom Jinja2 templates like executable code: use the default template or templates you trust, and review the sudo/pip setup commands before installing.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
Severity: Medium. Confidence: Medium. Status: Concern.
scripts/render_pdf.py
from jinja2 import Environment, FileSystemLoader, select_autoescape
...
template = environment.get_template(template_path.name)
...
return template.render(**data)

The code renders a user-selectable workspace Jinja2 template using the normal Jinja2 Environment rather than a sandboxed environment. Autoescaping HTML-escapes the values that are output, but it places no limit on what template expressions can reach (attribute access on the objects passed in, and from there on Python internals), so it does not make untrusted template logic safe.

User impact: If the agent renders a malicious or untrusted custom template, the template may be able to do more than format the report, potentially affecting the local workspace or environment.
Recommendation: Use the bundled template by default, and only use custom templates from trusted sources. The skill author should consider Jinja2 SandboxedEnvironment, removing dangerous default globals, and documenting that custom templates are trusted code.
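The difference between the two environments, as an added example that is not code from the PDF Report skill or from ClawScan: the same hostile template is rendered through a plain jinja2.Environment (what the finding describes) and through jinja2.sandbox.SandboxedEnvironment with the unneeded default globals removed (what the recommendation suggests). The report data, both templates and the function names are constructed for the illustration; jinja2 is assumed to be installed.

```python
"""Added example (not the skill's own code): plain jinja2.Environment versus
jinja2.sandbox.SandboxedEnvironment on a workspace-supplied template.
Assumes the jinja2 package is installed."""
from jinja2 import Environment
from jinja2.sandbox import SandboxedEnvironment, SecurityError

# Constructed report data standing in for what the skill passes to render().
REPORT_DATA = {"title": "Weekly report", "items": ["alpha", "beta"]}

# Constructed benign template: only formats the data it is given.
BENIGN_TEMPLATE = (
    "<h1>{{ title }}</h1><ul>"
    "{% for item in items %}<li>{{ item }}</li>{% endfor %}</ul>"
)

# Constructed hostile template: starts from a harmless string literal and
# walks Python's object graph (__class__ -> __mro__ -> object) to enumerate
# every loaded class. Nothing here comes from REPORT_DATA; the template
# logic itself is the payload, and autoescaping does nothing to stop it.
HOSTILE_TEMPLATE = "{{ ''.__class__.__mro__[1].__subclasses__() | length }}"


def make_plain_env() -> Environment:
    """What the finding describes: a normal Environment with autoescaping.
    Autoescaping only HTML-escapes output values; it does not restrict
    which attributes template expressions may reach."""
    return Environment(autoescape=True)


def make_sandboxed_env() -> SandboxedEnvironment:
    """Hardened alternative: the sandbox refuses underscore-prefixed and
    other internal attributes, and we drop default globals that a report
    template has no reason to call (hypothetical choice of names)."""
    env = SandboxedEnvironment(autoescape=True)
    for name in ("range", "lipsum", "cycler", "joiner", "namespace"):
        env.globals.pop(name, None)
    return env


def render_trusted(source: str, data: dict) -> str:
    """Render with the plain Environment: acceptable only for templates
    you trust as much as the skill's own code."""
    return make_plain_env().from_string(source).render(**data)


def render_untrusted(source: str, data: dict) -> tuple:
    """Render with the sandbox. Returns (html, None) on success, or
    (None, reason) when the template touched something the sandbox forbids."""
    try:
        html = make_sandboxed_env().from_string(source).render(**data)
    except SecurityError as exc:
        return None, str(exc)
    return html, None


if __name__ == "__main__":
    print(render_trusted(BENIGN_TEMPLATE, REPORT_DATA))
    # The plain Environment happily executes the object walk and prints a count.
    print("plain env, hostile template:", render_trusted(HOSTILE_TEMPLATE, REPORT_DATA))
    # The sandbox stops at the first underscore attribute with a SecurityError.
    print("sandbox, hostile template:", render_untrusted(HOSTILE_TEMPLATE, REPORT_DATA))
```

The benign template renders identically under both environments, so switching the skill's render path to the sandbox costs nothing for the bundled template; the sandbox only changes behaviour for templates that try to leave the job of formatting the report data.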
Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Note.
SKILL.md
sudo apt-get install -y ...
~/.openclaw/workspace/.venv_pdf/bin/pip install weasyprint jinja2

The setup instructions install system libraries and unpinned Python packages. This is purpose-aligned for WeasyPrint/Jinja2 PDF generation, but versions and provenance are not locked.

User impact: Installation depends on whatever package versions are available from the configured system and Python package repositories at install time.
Recommendation: Review the setup commands before running them, and prefer pinned dependency versions or a reviewed lockfile when possible.