pdf-skill
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill appears to be a coherent PDF-processing guide, with only a dependency-installation note for users to verify before use.
This skill looks appropriate for local PDF work. Before installing, verify the listed Python/Homebrew dependencies and use copies of important PDFs when running edit, split, merge, or conversion examples.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing these packages adds third-party code to the user's environment.
The skill asks the user to install unpinned third-party PDF-processing packages. This is expected for the stated PDF workflow, but it is still a dependency/provenance point users should review.
pip install pypdf pdfplumber weasyprint
Install only from trusted package sources, consider pinning versions for repeatable use, and review optional dependencies such as OCR or Poppler before installing them.