Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Pandoc Rust
v1.0.0
A powerful document conversion tool supporting Html, Markdown, Docx, PDF, and LaTeX formats. Provides bidirectional conversion between these formats using a...
by @guyoung
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (WASM-based document conversion) align with the runtime instructions (download a pandoc-component.wasm and run conversions). Filesystem access via --work-dir is necessary for reading input and writing output, so that requirement is proportionate to the stated purpose. One minor note: the skill metadata lists source/homepage as unknown while the usage docs point to a specific GitHub raw URL; that mismatch reduces provenance.
Instruction Scope
SKILL.md and USAGE.md explicitly instruct downloading a WASM from a remote raw.githubusercontent.com URL and running it with openclaw wasm-sandbox run, always passing --work-dir to grant the WASM access to the chosen host directory. While these steps are required for conversion, they also mean arbitrary code (the downloaded WASM) will be executed with read/write access to whatever directory you grant — which could expose secrets or other files if the work-dir is poorly chosen. The instructions do not instruct reading unrelated system paths, but the responsibility to choose a safe work-dir is placed on the user/agent.
Install Mechanism
There is no install spec in the package, but the USAGE.md directs downloading a WASM from a raw.githubusercontent.com URL. Raw GitHub is a common host, but the file is an executable artifact from a third party and the skill does not provide checksums, release signatures, or an authoritative homepage. Downloading and executing remote artifacts without explicit provenance is a moderate-to-high risk.
Credentials
The skill requests no environment variables, credentials, or config paths — appropriate for a local document conversion tool. However, granting --work-dir effectively exposes whatever directory is chosen; this operational risk is proportional to the task but should be managed (do not point work-dir to home or directories containing secrets).
Persistence & Privilege
The skill is instruction-only, has no install hooks, and does not request always:true or system-wide configuration changes. It does not ask to modify other skills or persist credentials. Autonomous invocation is allowed (platform default) but not combined with high privileges in the package metadata.
What to consider before installing
This skill appears to do what it claims (convert documents) but it relies on downloading and running a WASM from a third party and requires you to grant that WASM filesystem access via --work-dir. Before installing or using it: verify the WASM's provenance (prefer a signed release or checksum), avoid pointing --work-dir at your home directory or any folder containing secrets, run conversions on isolated directories (e.g., a temporary or dedicated docs folder), and consider inspecting or obtaining the WASM from an official project/release page rather than a raw file URL. If you can't verify the WASM origin or integrity, treat it as untrusted code and don't expose sensitive files to the work directory.
Like a lobster shell, security has layers — review code before you run it.
