Trusted — Risk Score 5/100
Last scan: 2 days ago
paper-summarize-pdf-to-feishu
Multi-agent orchestration skill for summarizing academic PDFs into Feishu (Lark) documents with figure extraction and hallucination-prevention review
A legitimate multi-agent PDF-to-Feishu paper summarization skill with no malicious indicators — all shell execution is declared, documented, and limited to standard PDF processing tooling.
Skill Name: paper-summarize-pdf-to-feishu
Duration: 33.9s
Engine: pi
Safe to install
No action required. This skill performs standard PDF processing (pdftotext, pdfimages, pdfinfo, tesseract, jq) for academic paper summarization, all of which is clearly declared in SKILL.md.

Findings (1 item)

Severity: Low
Finding: sudo apt-get install in SKILL.md
SKILL.md instructs the user to run `sudo apt-get install` for dependency installation. This is a standard setup requirement for a PDF processing skill and is clearly documented.
    sudo apt-get install -y poppler-utils
→ This is legitimate setup documentation, not a risk. No action needed.
Location: SKILL.md:57
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | READ | ✓ Aligned | All file operations are read-only on PDFs, text, and logs within a scoped $PAPER…
Shell | WRITE | WRITE | ✓ Aligned | 5 shell scripts (extract_metadata.sh, extract_pdf_text.sh, check_duplicate.sh, l…
Network | READ | READ | ✓ Aligned | feishu.cn API calls and doi.org reference links — declared for document creation…
Environment | NONE | READ | ✓ Aligned | Reads $PAPER_DIR, $PAPERS_DIR, $DOC_TOKEN from openclaw.json config — no credent…
Skill Invoke | NONE | WRITE | ✓ Aligned | Invokes feishu_doc, sessions_spawn, subagents tools — all declared in SKILL.md
Clipboard | NONE | NONE | | No clipboard access observed
Browser | NONE | NONE | | No browser automation
Database | NONE | NONE | | No database access
External URLs (3 findings)

Medium: External URL https://feishu.cn/docx/ (SKILL.md:531)
Medium: External URL https://doi.org/ (references/summary_template.md:143)
Medium: External URL https://feishu.cn/docx/$existing_token (scripts/check_duplicate.sh:55)

File Tree

7 files · 63.5 KB · 2109 lines
Markdown: 2 files, 1562 lines · Shell: 5 files, 547 lines
├─ 📁 references
│ └─ 📝 summary_template.md Markdown 218L · 4.1 KB
├─ 📁 scripts
│ ├─ 🔧 check_duplicate.sh Shell 155L · 5.4 KB
│ ├─ 🔧 extract_metadata.sh Shell 98L · 2.9 KB
│ ├─ 🔧 extract_pdf_text.sh Shell 56L · 1.4 KB
│ ├─ 🔧 locate_figures.sh Shell 144L · 4.6 KB
│ └─ 🔧 merge_supplement.sh Shell 94L · 2.6 KB
└─ 📝 SKILL.md Markdown 1344L · 42.5 KB

Dependencies (3 items)

Package | Version | Source | Known Vulns | Notes
poppler-utils | system package | apt | No | Standard PDF processing toolkit (pdftotext, pdfinfo, pdfimages, pdftoppm)
tesseract-ocr | system package | apt | No | OCR engine for image-to-text extraction
jq | system package | apt | No | JSON processor for metadata parsing

Security Positives

✓ All shell script execution is explicitly declared in SKILL.md with clear purpose (PDF/text extraction, metadata, figures, deduplication)
✓ No credential harvesting — reads only public DOI data and config files
✓ No base64, eval, or obfuscated code patterns
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env, ~/.netrc)
✓ No external IP addresses or C2 infrastructure
✓ No curl|bash or wget|sh remote script execution
✓ Working directory scoped to $PAPER_DIR — no broad filesystem access
✓ No data exfiltration or unauthorized data transmission
✓ Multi-agent architecture with sub-agent cleanup is well-designed
✓ Dependencies (poppler-utils, tesseract-ocr, jq) are standard CLI tools, version-pinning not critical for security