Back to skill
Skillv0.1.0
ClawScan security
marker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 15, 2026, 8:47 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: it wraps the external marker_single CLI to convert PDFs to Markdown and does not request unrelated credentials, installs, or system access.
- Guidance
- This skill is a thin wrapper around the external marker_single CLI (marker-pdf). The included Python is straightforward and only runs marker_single on a local PDF and reads resulting .md files. Before using: (1) ensure you trust the marker-pdf package you install (inspect its source or install from a reputable PyPI package), since the external CLI will be executed on your machine; (2) run it on non-sensitive documents first or in a sandbox if you have concerns about third-party tools; and (3) remember cleanup=False will leave output files next to the PDF. No credentials or network endpoints are required by the skill itself.
Review Dimensions
- Purpose & Capability
- okName/description match the included code and instructions. The script only requires the marker_single CLI (marker-pdf) and operates on local PDF files; there are no unrelated dependencies or credentials.
- Instruction Scope
- okSKILL.md and the script limit operations to running marker_single, reading its output, and optionally writing output folders next to the input PDF or a temp dir. The instructions do not ask for unrelated files, system config, or network endpoints.
- Install Mechanism
- okNo install spec is provided (instruction-only). The README suggests installing marker-pdf via pip, which is proportional. Nothing is fetched or extracted by the skill itself.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. Its access model (local filesystem for input PDF and optional output directory) is appropriate for its purpose.
- Persistence & Privilege
- okThe skill does not request always:true, does not modify other skills or global agent settings, and does not persist credentials. It only writes output files when requested or when cleanup=False.