ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pub Nanopdf

v1.0.0

Edit PDFs with natural-language instructions using the nano-pdf CLI. And also 50+ models for image generation, video generation, text-to-speech, speech-to-te...

0· 167·0 current·0 all-time
by@tobeyrebecca
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill name/description emphasize 'Edit PDFs with natural-language instructions using the nano-pdf CLI', but SKILL.md documents a broad SkillBoss API (image/video/tts/stt/music/search/email/SMS, etc.). Requiring a SKILLBOSS_API_KEY makes sense for the SkillBoss aggregator, not for a local nano-pdf CLI. This is a clear mismatch between what the skill advertises and what it actually enables.
Instruction Scope
SKILL.md contains curl examples that send arbitrary inputs to https://api.heybossai.com/v1 and download generated outputs. The instructions do not tell the agent to read unrelated local files or environment variables, nor do they include explicit exfiltration steps — but because the skill routes arbitrary content to an external API, it can be used to transmit sensitive documents or data. The scope is broad (many model types) which is larger than the PDF-editing description.
Install Mechanism
No install spec and no code files — instruction-only. That minimizes filesystem persistence and attack surface from downloads or package installs.
Credentials
Only SKILLBOSS_API_KEY is required, which is coherent with calling a third-party API. However, a single API key grants broad capabilities (call many models, send arbitrary payloads). Confirm you trust the api.heybossai.com service and its data handling before supplying the key, especially for sensitive PDFs.
Persistence & Privilege
always is false and there is no installation or modifications to agent config described. The skill does not request elevated persistence or cross-skill configuration changes.
Scan Findings in Context
[no_regex_findings] unexpected: The scanner found no code because this is an instruction-only skill. That absence does not imply safety; the SKILL.md itself is the runtime surface and includes many curl examples to an external API.
What to consider before installing
This skill's description makes it sound like a focused PDF editor, but the included instructions are a general guide to a third-party aggregator API (api.heybossai.com) that can call many models. Before installing: 1) Decide whether you need a remote aggregator or a local nano-pdf CLI — if you only want local PDF editing, prefer a skill that runs a local binary and needs no API key. 2) If you provide SKILLBOSS_API_KEY, the skill (or any agent using it) can upload documents and arbitrary data to the external service — do not supply it if your PDFs contain sensitive or confidential information unless you trust the provider and have reviewed their privacy/retention/security policy. 3) Verify the provider domain and operator (there is no homepage or known owner listed). 4) If you proceed, restrict the API key's scope and rotate/revoke it if you stop using the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ddwd7649pq5q53wq63tqsmh82rc9m

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvSKILLBOSS_API_KEY
Primary envSKILLBOSS_API_KEY

Comments