Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Use this skill whenever the user wants to do anything with PDF files. This includes reading or extracting text/tables from PDFs, combining or merging multipl...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill name/description (general PDF processing: text/tables, merge/split, OCR, encrypt/decrypt, images, forms) is broadly consistent with the supplied materials, but the included code is heavily focused on form extraction and filling (scripts to extract form fields/structure, convert pages to images, validate bounding boxes, and write annotations). SKILL.md and reference.md mention OCR, encryption/decryption, and many external command-line tools (pdftotext, qpdf, pdftk, magick, pypdfium2) but there are no scripts implementing OCR or encryption/decryption, and no explicit dependency list. This is a capability mismatch (claimed features vs. shipped code).
Instruction Scope
The SKILL.md and FORMS.md instruct the agent to run the included scripts and some external command-line tools. The scripts operate on user-supplied PDF files and JSON files only (no network calls or reading unrelated system files). Two noteworthy items: (1) instructions tell you to use external utilities (ImageMagick 'magick'/'convert', poppler-utils, qpdf, pdftk) but the skill's metadata does not declare those binaries as required; (2) scripts monkeypatch pypdf internals (DictionaryObject.get_inherited) to handle certain PDF field encodings — this changes library behavior at runtime and should be understood before use. The instructions otherwise do not direct the agent to read or exfiltrate unrelated data.
Install Mechanism
This is an instruction-only skill with included Python scripts and no install spec. That is low-risk from an installer perspective, but the skill implicitly depends on multiple Python packages (pypdf, pdfplumber, pdf2image, PIL/Pillow, possibly pdf2image->poppler) and system binaries (poppler tools for pdf2image, ImageMagick for crop workflows, qpdf/pdftk for advanced ops). Those dependencies are not declared nor provided by an install step; that mismatch can cause runtime errors or lead users to install third-party binaries from untrusted sources.
Credentials
The skill requests no environment variables, credentials, or special config paths. The scripts only read and write files the user specifies (PDFs, JSONs, images). There is no evidence of credential access or remote endpoints in the code.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills or system-wide configs. It runs local scripts and writes output files; it does not persist into agent configuration or install background services.
What to consider before installing
What to consider before installing/using this skill:
- Functionality: The packaged scripts are focused on form extraction/filling and image conversion; other claimed features (OCR, encryption/decryption) are referenced in docs but not implemented in the shipped scripts. If you need OCR or password handling, confirm which tools the agent will actually use (e.g., Tesseract, qpdf) and whether those will be available/trusted.
- Dependencies: The skill does not declare system or Python dependencies. To run the scripts you will likely need Python packages (pypdf, pdfplumber, pdf2image, pillow) and system binaries (poppler for pdf2image, ImageMagick 'magick' or 'convert' if you follow the visual-cropping instructions, and optionally qpdf/pdftk). Install these only from trusted sources and preferably in a controlled (virtualenv/container) environment.
- Safety: The scripts only operate on files you provide and do not perform network calls or require secrets. Still, review the scripts (they are included) before running in a production environment. Pay attention to the monkeypatch in fill_fillable_fields.py that alters pypdf behavior — that can affect how PDFs are parsed and might interact poorly with other code using the same library.
- License: LICENSE.txt places restrictive terms (Anthropic PBC) and forbids extracting or redistributing materials in many ways. Ensure those terms are acceptable for your use case.
- Recommended precautions: run examples on non-sensitive sample PDFs first; execute in an isolated environment (virtualenv or container); install system dependencies from official package sources; if you require OCR or encryption features, confirm exactly which external tool will be used and whether it needs additional installation (e.g., Tesseract for OCR, qpdf for encryption operations).
Overall: the skill appears to implement legitimate PDF form workflows, but the documentation overpromises some features and omits dependency details — treat it as useful but incomplete and verify environment/setup before relying on it.
Like a lobster shell, security has layers — review code before you run it.
