Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

MiniMax PDF

v1.0.0

Use this skill when visual quality and design identity matter for a PDF. CREATE (generate from scratch): "make a PDF", "generate a report", "write a proposal...

0· 49·0 current·0 all-time
byzylorra@yhlorra
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description (visual, design-driven PDF creation, filling, reformatting) match the included scripts and README: palette.py, cover.py, render_cover.js, render_body.py, merge.py, fill_inspect.py, fill_write.py and a unified make.sh. No unrelated credentials, config paths, or binaries are requested. The assets and design.md explain the design system used by the render pipeline.
Instruction Scope
SKILL.md and README limit actions to generating tokens, rendering a cover (HTML → PDF via Playwright/Chromium), rendering body pages (ReportLab), merging PDFs, and inspecting/filling form fields. The runtime does fetch external resources: cover HTML loads Google Fonts via @import and render_cover/playwright will fetch cover_image URLs (supports absolute URLs and file://). The fill scripts inspect/write local PDFs only. There is no instruction to read unrelated host files or to send document content to arbitrary third-party endpoints, but rendering will make network requests for fonts and images (expected for cover rendering).
Install Mechanism
There is no formal install spec in the registry (instruction-only skill), but the included scripts can auto-install dependencies: make.sh fix installs Python packages (reportlab, pypdf, matplotlib) and npm -g playwright + npx playwright install chromium. Several Python scripts call pip install at runtime if deps are missing (ensure_deps). This is functional for offline use but means package installation and binary downloads happen when the user runs 'fix' or first invokes features that trigger installs.
Credentials
The skill declares no required environment variables, credentials, or special config paths. The scripts temporarily use environment variables when injecting cover fields (PDF_ABSTRACT, PDF_COVER_IMAGE) but they are local and optional. No secrets or unrelated service tokens are requested.
Persistence & Privilege
The skill is not configured always:true and is user-invocable. It does not modify other skills or system agent settings. The only persistent changes the scripts may make are installing packages (pip/npm/global playwright) and writing output PDFs/tokens to disk — expected behavior for a PDF tool.
Assessment
This skill appears to be what it claims: a design-driven PDF generator + form-filler. Before installing or running it, consider:
- Dependency installs: running make.sh fix or the scripts can install Python packages and globally install Playwright/Chromium via npm; run in a virtualenv or container if you want to avoid changing your system Python/npm environment.
- Network fetches: cover rendering loads Google Fonts via CSS @import and will fetch any cover_image URLs you provide (absolute URLs). If you render covers with remote image URLs, the renderer will make outbound HTTP(S) requests — don't pass URLs that point at sensitive internal services or that rely on credentials.
- Local files: the pipeline reads and writes files (content.json, input PDFs, output PDFs). Inspect content.json and any input PDF paths you pass to ensure you aren't accidentally exposing sensitive files to a process with network access.
- Inspect render_cover.js if you need absolute assurance about what the Node renderer fetches or posts.
Recommended workflow: run bash scripts/make.sh check first, then run in an isolated environment (virtualenv or container) and test with non-sensitive sample documents. If you want to avoid network fetches, provide only local file:// cover images and ensure your environment has the required fonts installed so Playwright doesn't need to fetch them.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
scripts/make.sh:79
Shell command execution detected (child_process).
scripts/render_cover.js:41
Shell command execution detected (child_process).


latestvk97dp20ea63hx1ytz6hfps021x83kh5k
