Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
dianju-ofd-tools
v1.0.0 · Convert local PDF and OFD files to each other and extract text content from OFD files with temporary download links provided.
⭐ 0 · 84 · 0 current · 0 all-time
by stmm @stmmer
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence

Purpose & Capability
The declared purpose (convert local PDF/OFD and extract text) is plausible, but the runtime instructions require an external service (APP_ID, APP_KEY, API_URL) and an npm package (npx dianju-ofd-tools). The skill metadata claims no required env vars, binaries, or install, so the external-service dependency and credentials are not declared — a mismatch.
Instruction Scope
SKILL.md tells the agent/user to run npx to fetch/execute dianju-ofd-tools and to run ofd-tools CLI commands that will read absolute local file paths. It also references APP_ID/APP_KEY/API_URL and logging env vars (ENABLE_LOGGING, LOG_TO_FILE) that are not declared. The instructions imply network calls (uploading files to a remote DCS service and returning temporary download links), which go beyond pure local conversion and affect data exposure/privacy.
Install Mechanism
There is no install spec in the registry entry, but the documentation explicitly instructs use of 'npx dianju-ofd-tools' (which would fetch and run code from npm at runtime) and examples call an 'ofd-tools' CLI. That means code would be dynamically downloaded/installed from an external package registry without declared provenance — higher-risk than an instruction-only, local-only tool.
Credentials
The doc requires APP_ID, APP_KEY, and API_URL (and mentions logging env vars) but the skill metadata lists no required environment variables or primary credential. Requesting service credentials and an API endpoint is reasonable only if the skill truly uses a remote conversion service; failing to declare them in metadata is an incoherence that prevents privilege review and increases risk of accidental credential exposure.
Persistence & Privilege
The skill does not request always:true and has no install spec that writes persistent config in the registry data. Autonomous invocation is allowed (platform default) but there is no sign the skill requests permanent presence or modifies other skills.
What to consider before installing
This skill's docs instruct you to run npx (which will fetch and execute code from npm) and to provide APP_ID/APP_KEY and an API_URL for a remote DCS service, yet the registry entry declares no credentials or install provenance. Before installing or running:

1) Confirm the authoritative source (homepage, GitHub repo, or npm package) and review that package's code and maintainers;
2) Do not share secret APP_ID/APP_KEY with an unknown service until you verify it;
3) Prefer a local-only tool if you must keep files private, or verify the remote service's privacy/security and where temporary download links are hosted;
4) Ask the publisher to include a proper install spec, declare required env vars in metadata, and clarify whether conversions happen locally or on a remote server.

If you cannot verify provenance, avoid running npx or supplying credentials.

Like a lobster shell, security has layers — review code before you run it.
latest: vk97fpedxwgmp1rwt3kfkvncgzx83hszc
