Pdf Poppler Utils
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent PDF command-line utility skill, but users should approve environment changes and use password, DRM, or signing options only when authorized.
This skill appears safe for ordinary PDF work. Before installing, be aware that it uses local poppler command-line tools, may create or overwrite PDF-derived files, and includes an optional Homebrew curl unlink step. Avoid using password, DRM-bypass, hidden-text, or PDF-signing options unless you are authorized and intentionally requested them.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the setup commands can change installed command-line tools and may affect other software that depends on Homebrew curl.
The skill documents local package-management commands, including a Homebrew curl unlink operation that changes the local toolchain. It is disclosed and requires human permission, so this is a setup note rather than suspicious behavior.
brew install poppler ... brew unlink curl -v ... Please ask for human permission before executing `brew unlink curl -v`.
Only run the curl unlink command if needed, after understanding the impact and how to reverse it.
The agent could help extract or convert content from protected PDFs if the user supplies the necessary password or asks for restriction-bypass options.
The skill documents PDF options that can bypass document-level restrictions. This is part of the poppler tool reference, but users should ensure they are authorized to use those options.
`-opw <password>` | Owner password (bypasses all security)
Use owner-password, DRM, or hidden-text extraction options only for documents you are authorized to access and modify.
If used, the agent may rely on local certificate/key material to sign a PDF, which can have trust or legal implications.
The pdfsig documentation includes optional access to a local certificate database and signing key password for adding PDF signatures. This is disclosed as a tool capability, but it involves sensitive signing authority.
`-nssdir [prefix]directory` | NSS database directory ... `-add-signature` | Add a new signature to the document ... `-kpw password` | Password for signing key
Do not provide signing key passwords or NSS database paths unless you explicitly intend to sign the document and understand the result.