pdf-to-markdown
Audited by Socket on Feb 17, 2026
1 alert found:
Malware [Skill Scanner]: Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]

Analysis: This skill's documented behavior is broadly consistent with its stated purpose (full-document PDF extraction to Markdown with images and caching). There are no direct signs of classical malware or credential-harvesting behavior in the provided text. However, there are supply-chain and privacy concerns: (1) use of an unexplained 'uv' installer wrapper in the install instructions increases uncertainty about what gets executed during setup; (2) large AI model downloads are referenced, but sources and integrity checks are not specified; and (3) the 'auto-view images' behavior instructs the agent to silently open image files when answering visual questions, which may lead to unexpected local file reads. I assess low probability of intentional malware but moderate privacy/supply-chain risk; review and verification of the actual script and the provenance of downloaded models/packages is recommended before use.

LLM verification: The skill appears functionally legitimate for converting PDFs to Markdown with image extraction and caching. The main security concerns are supply-chain hygiene (unpinned pip installs and unspecified model sources with large model downloads), an aggressive auto-view behavior that causes the agent to read image files without explicit user consent (privacy/scope creep), and dangerous shell command examples in the docs (rm -rf) that risk accidental destructive use.
No strong evidence of deliberate malware
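The findings above recommend verifying the provenance of downloaded models and packages before use but do not show how. The following is an added example, not part of the Socket report or of the pdf-to-markdown skill: a small POSIX shell helper that refuses to use a downloaded artifact unless its SHA-256 matches a value pinned ahead of time. The file name, directory and hashes are constructed for the demo; in practice the expected hash comes from a lockfile or the upstream release notes, never from the freshly downloaded file itself.

```shell
#!/bin/sh
# Added example (not code from the audited skill): verify a downloaded model or
# installer script against a pinned SHA-256 before it is loaded or executed.
# All paths and hashes below are constructed for illustration.

# Portable SHA-256: GNU coreutils on Linux, shasum on macOS/BSD.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_artifact FILE EXPECTED_SHA256
# Returns 0 only when FILE exists and its digest equals EXPECTED_SHA256.
verify_artifact() {
  file="$1"
  expected="$2"
  if [ ! -f "$file" ]; then
    echo "missing artifact: $file" >&2
    return 1
  fi
  actual="$(sha256_of "$file")"
  if [ "$actual" = "$expected" ]; then
    echo "ok: $file"
    return 0
  fi
  echo "HASH MISMATCH for $file" >&2
  echo "  expected: $expected" >&2
  echo "  actual:   $actual" >&2
  return 1
}

# Demo with a constructed artifact standing in for a model weight file.
demo_dir="$(mktemp -d)"
printf 'constructed model bytes\n' > "$demo_dir/model.bin"

# For the demo the "pinned" hash is computed here; a real pin is recorded
# out of band (lockfile, release page) so a tampered download cannot pass.
GOOD_HASH="$(sha256_of "$demo_dir/model.bin")"
BAD_HASH="0000000000000000000000000000000000000000000000000000000000000000"

verify_artifact "$demo_dir/model.bin" "$GOOD_HASH"
verify_artifact "$demo_dir/model.bin" "$BAD_HASH" 2>/dev/null \
  || echo "refusing to use unverified artifact"
```

The same discipline applies to the Python side of the install: `pip install --require-hashes -r requirements.txt` makes pip reject any package whose hash is not listed in the requirements file, which addresses the "unpinned pip installs" finding. Any `rm -rf` in setup documentation should be scoped to a path the script itself created (such as the `mktemp -d` directory above) rather than a user-supplied or empty variable.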