Scan Report
0 /100
polito-notes
Convert PDF lecture slides into comprehensive bilingual (IT+EN) markdown notes for Polito university courses
A pure documentation skill with no executable code — all stated capabilities (PDF text extraction, bilingual markdown generation, file writing) are explicitly declared with zero hidden functionality.
Safe to install
No action needed. This skill is a plain documentation file describing a PDF-to-markdown pipeline. If deployed, ensure the Bash tool is restricted to read-only pdftotext invocations rather than unrestricted shell access.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | READ | READ | ✓ Aligned | SKILL.md: reads user-provided PDFs |
| Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md: writes notes.md and notes-en.md to course folders |
| Shell | READ | READ | ✓ Aligned | SKILL.md: runs pdftotext only — documented, scoped, no arbitrary command executi… |
| Network | NONE | NONE | — | No network access detected |
| Environment | NONE | NONE | — | No environment variable access detected |
| Clipboard | NONE | NONE | — | No clipboard access detected |
| Browser | NONE | NONE | — | No browser access detected |
| Database | NONE | NONE | — | No database access detected |
File Tree
2 files · 5.3 KB · 139 lines Markdown 1f · 134L
JSON 1f · 5L
├─
_meta.json
JSON
└─
SKILL.md
Markdown
Security Positives
✓ All capabilities (filesystem READ/WRITE, shell for pdftotext) are explicitly declared in SKILL.md
✓ No scripts or executable code present — skill is purely a specification document
✓ RAG integration references an external, named skill (lookupmark-local-rag) with a scoped query script
✓ No credential harvesting, environment variable iteration, or sensitive path access
✓ No obfuscation, base64-encoded execution, or anti-analysis patterns
✓ No outbound network calls or data exfiltration indicators
✓ Workflow is limited to: read PDF → write bilingual markdown → done