Back to skill
Skillv1.0.0
ClawScan security
Pdf Extract Hardened · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 29, 2026, 1:43 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally coherent: it only requires pdftotext, its instructions match the stated purpose, and its included safety guardrails limit risky behaviors.
- Guidance
- This skill appears low-risk and does what it says: it converts PDFs to text using pdftotext and includes sensible guardrails (no automatic disk writes, no piping to network). Before installing: ensure pdftotext is from a trusted package source on your system, verify the agent implementation will enforce the guardrails (instructions are only effective if the agent follows them), and avoid running the skill in contexts where the agent has access to sensitive PDFs you don't want extracted. If you need automatic saving or network transmission, require an explicit user confirmation step before doing so.
Review Dimensions
- Purpose & Capability
- okName/description match the requirements: pdftotext/poppler-utils is the expected tool for PDF→text extraction. No unrelated binaries, env vars, or config paths are requested.
- Instruction Scope
- okSKILL.md restricts actions to running pdftotext and returning the extracted text (or writing a file only if the user explicitly requests it). It explicitly forbids piping output to network endpoints and warns about writing sensitive data to shared logs; instructions do not reference unrelated files, credentials, or system state.
- Install Mechanism
- okThis is an instruction-only skill with no opaque downloads. The only install hint is a dnf package (poppler-utils) which is an expected, standard source for pdftotext.
- Credentials
- okNo environment variables, credentials, or unrelated service tokens are requested—proportional to the skill's simple purpose.
- Persistence & Privilege
- okalways is false, the skill does not request persistent privileges or write to other skills' configs. The guardrail to avoid autonomous disk writes is present in SKILL.md.