Skill v1.0.0
ClawScan security
Book-PDF:书籍级PDF手册生成器 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 16, 2026, 2:20 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This skill appears to do what it says (create a book-style PDF via Node.js + Playwright using local templates and fragments); requirements and actions are generally coherent, with only minor metadata/instruction mismatches to note.
- Guidance: This skill is internally consistent with its stated purpose, but review and accept these points before installing/using it:
  - SKILL.md requires Node.js >=16 and Playwright (the registry metadata did not list these); install those first (`npm install playwright && npx playwright install chromium`). Playwright will download a browser binary.
  - The provided scripts will create and write files in the project directory you pass to init-project.sh (do not point it at an existing non-empty directory unless you want files copied there).
  - The PDF render uses Playwright to open a local file:// HTML page; if your fragments contain remote image or resource URLs, Playwright may fetch external resources during rendering. Avoid embedding sensitive local/remote URLs in fragments if you are concerned about network fetches.
  - The workflow mentions launching background agents and saving research files into the project; this will create files under the chosen project directory. Confirm you are comfortable with the agent writing content there.
  - As with any third-party templates/scripts, inspect templates/fragments/styles.css/build.js/build-pdf.js/update.sh before running, especially if you will run them in sensitive environments.

  Overall: coherent and appropriate for a local book/PDF generation tool; no credentials or hidden network endpoints were found, so proceed after the checks above.
Review Dimensions
- Purpose & Capability
- note: The skill's stated purpose (generate 100+ page PDF books) matches the included scripts (build.js, build-pdf.js, update.sh) and templates. Minor inconsistency: registry metadata lists no required binaries/env, but SKILL.md clearly requires Node.js >=16 and Playwright (`npm install playwright && npx playwright install chromium`). This is expected for the described capability but should be represented in the metadata.
- Instruction Scope
- note: Runtime instructions stay within the declared purpose: initialize a project, read design-system.md and local research files, write fragments, merge HTML, and render PDF with Playwright. The SKILL.md does reference an example path (`01-公众号写作/_过程文件/openclaw-guide/`) outside the template that is only advisory; the included scripts do not automatically scan arbitrary system paths. The skill also instructs agents to spawn background research agents (logical workflow). This is workflow behavior, not hidden I/O, but you should be aware agents will write project files under the chosen project directory.
- Install Mechanism
- ok: No install spec is provided (instruction-only for the platform). The code relies on the user/environment having Node.js and Playwright installed; there are no remote downloads or archive extraction inside the skill itself. This is low-risk but requires the user to install Playwright (which downloads browser engines when run).
- Credentials
- ok: The skill requests no credentials, no environment variables, and no special config paths. File I/O is limited to the project directory created by init-project.sh and standard output/versions directories. That level of access is proportionate to building and storing PDFs.
- Persistence & Privilege
- ok: Skill is not always-enabled and uses normal model invocation. It does not request persistent platform-level privileges or modify other skills. Scripts create files within the chosen project directory only.
