PR's PDF Agent
Self-hosted PDF operations and conversions with metered usage output.
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 2 · 184 · 0 current installs · 0 all-time installs
by @cap-txt
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description promise self-hosted PDF operations and the repo code implements that. However the skill metadata declares no required binaries or env vars while SKILL.md and the code require/expect uv, Ghostscript (gs), qpdf, poppler (pdftoppm), soffice (LibreOffice), ocrmypdf, wkhtmltopdf/Chrome, and optionally ollama and other Python libs. The registry declarations (no requirements) are inconsistent with the actual capabilities and dependencies.
Instruction Scope
SKILL.md focuses on local disk-based PDF processing, but the code can fetch remote HTML (urllib.request.urlopen in html_to_pdf) and can invoke external commands/LLM providers (core.llm uses arbitrary commands or 'ollama' via subprocess). Those behaviors allow network I/O and arbitrary process execution that go beyond simple file manipulation; the documentation does mention some of these tools but the risk/implications are not made explicit in the SKILL.md.
Install Mechanism
No install spec is provided (instruction-only for running via 'uv run'), so nothing is downloaded or installed automatically by the registry. The presence of source files means code will execute locally when run, but there is no remote installer or archive URL to review.
Credentials
The registry declares no required env vars, but code reads at least one env var (PDFAGENT_SOFFICE_TIMEOUT) and the subprocess execution paths allow passing custom env to commands. The tool also exposes options to call external LLMs or arbitrary commands; those uses can require secrets or expose sensitive data if misconfigured. Overall requested/used environment access is under-declared relative to what the code can leverage.
Persistence & Privilege
The skill is not always-enabled, does not request to modify other skills, and has no install hook. It writes usage logs optionally to a --usage-file, creates per-command output files and local LibreOffice profile directories, which is normal for a CLI tool.
What to consider before installing
This package implements a comprehensive self-hosted PDF CLI (merging, splitting, OCR, conversions, redaction, an 'agent' mode) and the code mostly matches that purpose — but pay attention to these issues before running it:
- Dependency mismatch: The registry lists no required binaries/env but SKILL.md and code expect many external tools (gs, qpdf, pdftoppm, soffice, ocrmypdf, wkhtmltopdf/Chrome, and optionally ollama). Ensure those are installed intentionally.
- Network and external execution: html_to_pdf can fetch remote URLs; core.llm can run arbitrary commands or call 'ollama' (a local LLM runner). Running the CLI with remote sources or LLM provider=command may cause the tool to access the network or execute untrusted commands. Treat any use that passes URLs or enables an external LLM/command as potentially exfiltrative.
- Undeclared env usage: The code reads PDFAGENT_SOFFICE_TIMEOUT (and subprocess code supports custom env). Review environment variables and avoid exposing secrets to the runtime environment you use for this tool.
- Run in isolation first: Test the tool in a sandbox / disposable VM, with non-sensitive PDFs, and confirm behavior (doctor command reports available binaries). Inspect CLI flags (especially anything enabling LLM/agent mode or remote fetching) before using on private data.
- Origin and trust: The source 'homepage' and origin are unknown. If you need to run this in production or on sensitive documents, consider auditing the remaining omitted files, or prefer a vetted implementation from a known source.
If you want, I can: (1) list every place the code can perform network I/O or spawn external processes, (2) locate where the CLI accepts LLM provider/command options, or (3) highlight any remaining omitted files for further review.
Like a lobster shell, security has layers — review code before you run it.
Current version: v0.1.0
Tags: convert, latest, ocr, pdf
SKILL.md
PDF Agent
Summary
- Use `pdfagent` to perform PDF operations (merge, split, compress, convert, OCR, etc.) with detailed usage metering in the output.
- Best for local, self-hosted processing where inputs/outputs must stay on disk.
- This skill ships source code in `pdfagent/` and runs via `uv run` from `scripts/pdfagent_cli.py` (no PyPI publish required).
Requirements
- `uv` installed and on PATH.
- System tools as needed by specific commands: `qpdf`, `ghostscript`, `poppler` (`pdftoppm`), `libreoffice`, `chromium` (for HTML -> PDF), and `ocrmypdf`.
Core Usage
- Merge PDFs with usage metrics:
  `uv run {baseDir}/scripts/pdfagent_cli.py merge file1.pdf file2.pdf --out merged.pdf --json`
- Split a PDF by ranges:
  `uv run {baseDir}/scripts/pdfagent_cli.py split input.pdf --range "1-3,5" --out-dir out_dir --json`
- Compress a PDF with a preset:
  `uv run {baseDir}/scripts/pdfagent_cli.py compress input.pdf --preset ebook --out compressed.pdf --json`
- Convert images to PDF:
  `uv run {baseDir}/scripts/pdfagent_cli.py jpg-to-pdf image1.jpg image2.png --out output.pdf --json`
- OCR a scanned PDF:
  `uv run {baseDir}/scripts/pdfagent_cli.py ocr scan.pdf --lang eng --out scan_ocr.pdf --json`
- Agent mode for multi-step instructions:
  `uv run {baseDir}/scripts/pdfagent_cli.py agent "merge then rotate 90 degrees every other page" -i file1.pdf -i file2.pdf --out out.pdf --json`
- Dependency/binary check:
  `uv run {baseDir}/scripts/pdfagent_cli.py doctor --json`
Notes
- Use `--json` for machine-readable outputs (includes `usage` and `outputs`).
- For encrypted PDFs, pass `--password` or per-file `--passwords`.
- If a conversion tool is missing, `pdfagent` may use a fallback path and will note it in output or logs.
- Optional Python deps are still command-specific:
  `uv run --with pdf2docx --with camelot-py[cv] --with pdfplumber --with pyhanko {baseDir}/scripts/pdfagent_cli.py <command> ...`
Files
40 total
