PDF ת Word ��

Name: pdf-to-word
Author: zhao1263445468

View on ClawHub↗

Share on X Share on LinkedIn Share on Bluesky

100Critical

This PDF-to-Word skill is vulnerable to prompt

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

PDF ת Word ��: ��û��ϴ�� PDF �ļ��ת��Ϊ�ɱ༭�� Word �ĵ��.docx��ת��ļ��

Actually does

This skill takes a PDF file as input, likely processes it using a Python backend with the `pdf2docx` library to convert it into a `.docx` Word document, and then returns the converted file to the user. It does not specify contacting external URLs or executing shell commands beyond the Python script itself.

Threat Analysis

AI Agent Traps ↗Scanned 4/16/2026

Content InjectionPerception2 findings

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction2 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namezhao1263445468/pdf-to-word

Registryclawhub

Version1.0.0

PURLpkg:clawhub/zhao1263445468/pdf-to-word@1.0.0

Stars1

Downloads1,124

Installs8

Source

Repository ↗

SHA-2560f62053d1e8a...

SHA-101ab1c4362d1...

MD5fe26ff39c5ba...

TLSHe911cb48dd0e...

Size994 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/zhao1263445468/pdf-to-word

1,124 downloads8 installs

ClawHubDocs

openclaw skills install zhao1263445468/pdf-to-word

Assessments (2)

AI Agent Traps ↗

Prompt Injection Detectedcriticalprompt injection

DeBERTa classifier detected prompt injection (confidence: 1.00)

100% confidence

Garbled Text in Skill Descriptionsinfoobfuscation

The skill's name, description, and parameter descriptions contain garbled characters. While likely an encoding issue, this could potentially obscure malicious intent or make the skill's true purpose less clear.

60% confidenceline 4

description:  PDF ļתΪ Word ĵ.docx (line 4)

Arbitrary File Access & Potential Command Injectioncriticalcommand execution

The skill's 'file' parameter explicitly allows providing a file path, which is then processed by a backend script. This enables arbitrary file reads (reconnaissance, data exfiltration) and, if the path is not sanitized, could lead to command injection by passing malicious commands to the backend script.

95% confidenceline 8

parameters: - name: file description: Ҫת PDF ļ֧ϴṩļ· required: true type: file (lines 8-12) and 2. Զų́űת (line 27)

Unspecified Output File Handling Risksmediumdata exfiltration

The converted Word file is returned as a download link or directly sent to the user. Without clear mechanisms for secure temporary storage and access control, this could potentially be abused for data exfiltration or to expose temporary files.

70% confidenceline 28

3. תɺ󣬷 Word ļӻֱļʽ͸û (line 28)

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/zhao1263445468/pdf-to-word.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/zhao1263445468/pdf-to-word)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/zhao1263445468/pdf-to-word"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/zhao1263445468/pdf-to-word.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/zhao1263445468/pdf-to-word.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow

PDF ת Word ����