Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/src/nutrient-cli.js:90
- Evidence
await execFile(cmd, ["--version"], { timeout: 10_000 });
Security audit
Security checks across malware telemetry and agentic risk
This plugin appears to be a straightforward local PDF-to-Markdown extractor, with the expected command execution needed to run the PDF conversion tool.
Install only if you want OpenClaw agents or the OpenClaw CLI to process local PDFs through Nutrient's pdf-to-markdown tool. Be aware that the plugin runs the configured PDF conversion command, including a startup --version probe, so avoid pointing its command setting at anything you do not trust and review the separate Nutrient licensing terms for higher-volume or commercial use.
61/61 vendors flagged this plugin as clean.
Detected: suspicious.dangerous_exec
await execFile(cmd, ["--version"], { timeout: 10_000 });await execFile(cmd, ["--version"], { timeout: 10_000 });