Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
pdf-translate-skill
v1.0.0
Translate PDF documents or arXiv papers preserving formatting by extracting text and images, translating content, and generating a reconstructed LaTeX-based...
by Zexun Lin @overdue-lin
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description (translate PDFs / arXiv papers and produce LaTeX/PDF) match the included scripts and references. The code files implement PDF→images, image extraction, arXiv source download, and LaTeX compilation, all of which are needed for the stated functionality. One inconsistency: the registry metadata lists no required binaries/env, but SKILL.md and the scripts clearly require system tools (curl/wget, XeLaTeX/pdfLaTeX) and Python packages. This appears to be an omission in the metadata rather than malicious misdirection.
Instruction Scope
Runtime instructions and scripts perform expected actions: detecting arXiv IDs/URLs, downloading arXiv e-print archives, extracting .tex files, converting PDF pages to images, extracting embedded images, translating TeX content conceptually (the SKILL.md describes translation rules), and compiling LaTeX via xelatex/pdflatex. The scripts read and write files in local directories and call external commands (curl/wget/xelatex), all consistent with the stated tasks. They do not reference or exfiltrate unrelated system files, nor do they require credentials. The seller's instructions to 'use the agent's multilingual capabilities' imply that translation happens locally in the agent workflow (no external translation API is invoked).
Install Mechanism
There is no install spec (instruction-only install), which minimizes automated code installation risk. However, the SKILL.md lists several manual prerequisites (Python packages, XeLaTeX/TeX Live or MiKTeX, curl/wget). The code uses subprocess calls to system binaries. Because installation is manual, the user must install large toolchains (TeX) themselves; this is expected for LaTeX compilation but worth noting as a non-trivial dependency.
Credentials
The skill declares no environment variables or credentials, and none are required by the scripts. Network access is used only to fetch arXiv e-prints (https://arxiv.org/e-print/{id}) via curl/wget/urllib, which is appropriate for the arXiv download feature. No secrets, keys, or unrelated service credentials are requested.
Persistence & Privilege
The skill is not always-enabled, is user-invocable, and does not attempt to modify other skills or agent-wide configuration. It runs local file operations and external commands in the working directories only (no system-wide changes are performed by the scripts).
Scan Findings in Context
[pre-scan-injection-signals] expected: The pre-scan reported no injection signals. The scripts do use subprocess.run and perform network downloads (curl/wget) and archive extraction — patterns expected for downloading and compiling arXiv source.
Assessment
This skill is coherent with its purpose but requires significant local tooling and performs network downloads and disk writes. Before using it:
1) Note the SKILL.md requires Python (pymupdf, pillow), curl/wget, and a LaTeX installation (XeLaTeX/TeX Live or MiKTeX). The registry metadata omits these; install them yourself or in a container.
2) Review the scripts (they are included) if you are concerned: they call curl/wget, extract tar.gz archives, and run xelatex/pdflatex via subprocess. Run in a sandbox (container or VM) if you want to limit risk.
3) The skill downloads from arxiv.org only; do not run it on arbitrary/untrusted URLs without inspection.
4) No credentials are requested, but the tool writes files and executes system binaries, so ensure you trust the environment and have disk space.
If you want more assurance, run the scripts on sample documents inside an isolated environment first.
Like a lobster shell, security has layers: review code before you run it.
