智能文档处理助手 (Intelligent Document Processing Assistant)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is mostly a local document-processing tool, but its PDF extraction command builds a shell string from the input filename, so a crafted filename can run unintended shell commands, and its advertised features are broader than the shipped code supports.

Only use this skill on trusted local files unless the shell-command issue is fixed. Be aware that outputs may contain document text, extracted emails or phone numbers, and local file paths, and that several advertised AI/translation/conversion features appear incomplete.

Static analysis

Dangerous exec

Severity: Critical
Finding: Shell command execution detected (child_process).

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Processing a PDF with a maliciously crafted filename could run commands on the user's machine with the agent's privileges.

Why it was flagged

The inputFile value comes from the user-supplied --input argument and is interpolated into a shell command string. Wrapping it in double quotes does not safely handle filenames that contain shell metacharacters (such as $, backticks, or ;) or embedded double quotes, because the string is still parsed by the shell before pdftotext runs.

Skill content
text = execSync(`pdftotext "${inputFile}" -`, { encoding: 'utf-8' });
Recommendation

Replace the execSync shell-string call with execFileSync or spawn using an argument array, so the filename is passed directly to pdftotext as a single argument rather than parsed by a shell, and validate or reject unsafe file paths before processing.

What this means

Users or agents may rely on capabilities that are not actually available, leading to failed workflows or misplaced trust in the output quality.

Why it was flagged

The provided process.mjs implements basic extraction and placeholder translation rather than the full AI translation and broad format conversion features advertised in the skill's documentation.

Skill content
🌐 **Multilingual translation** - supports 50+ languages ... 🔄 **Format conversion** - PDF ↔ Word ↔ Markdown ↔ HTML
Recommendation

Update the documentation to match the shipped implementation, or implement the claimed functionality and document its limits clearly.