Is er3mit4/docling safe?

https://github.com/openclaw/skills/tree/main/skills/er3mit4/docling

90
SAFE

This is a legitimate document processing skill that provides a clean interface to the docling CLI tool for parsing web pages, PDFs, and other documents. The skill includes appropriate security warnings and transparent documentation. The main risks involve potential misuse of URL fetching and document processing capabilities.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 80/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (4)

MEDIUM URL fetching capability -5

The skill instructs the agent to fetch content from arbitrary URLs using docling, which could be misused to access sensitive endpoints if the agent is tricked into processing malicious URLs.

MEDIUM External command execution -15

The skill requires execution of the external docling CLI tool, which processes arbitrary files and URLs. While documented transparently, this represents a potential attack surface.

LOW References to dangerous flags -5

The skill documentation mentions potentially dangerous flags like --enable-remote-services and --allow-external-plugins, though it appropriately warns against their use.

LOW Potential for misuse in combination attacks -15

While benign on its own, this skill could be dangerous if combined with other skills that generate URLs or file paths, potentially leading to processing of sensitive content.