Li ETL Handle Review
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent local Excel/CSV ETL tool, but review is recommended because it knowingly ships with a spreadsheet parser (xlsx 0.18.5) that has known vulnerabilities and because it supports custom JavaScript execution.
Install only if you are comfortable with a local file-processing tool that reads and writes spreadsheets on your machine. Avoid untrusted Excel files unless the xlsx dependency is upgraded or the work is sandboxed, confirm output paths before writing, and never run untrusted JavaScript through the script feature.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or malformed Excel file could exploit the parser or cause denial-of-service behavior during processing.
The skill's core function is to open Excel files, and the project itself acknowledges known vulnerabilities in the spreadsheet parser it uses.
The xlsx package has two vulnerabilities: 1. Prototype Pollution (GHSA-4r6h-8v6p-xvw6) 2. ReDoS (GHSA-5pgg-2g8v-p4x9) ... Processing maliciously crafted Excel files may be affected
Upgrade or replace the xlsx dependency before relying on this skill for untrusted files; otherwise process only trusted spreadsheets, preferably in a sandbox.
Installing dependencies may rely on a non-HTTPS mirror, which can create avoidable supply-chain and availability concerns.
The lockfile points dependency downloads to an HTTP third-party mirror. Integrity hashes reduce tampering risk, but the install provenance is less direct than HTTPS npm registry sources.
"resolved": "http://mirrors.tencentyun.com/npm/xlsx/-/xlsx-0.18.5.tgz"
Regenerate the lockfile from trusted HTTPS registry sources and keep dependency integrity checks enabled.
A script run through this feature could access or change local data with the same permissions as the Node.js process.
Custom JavaScript execution is a documented feature. It is purpose-aligned for ETL customization, but risky if code is copied from untrusted prompts, files, or spreadsheets.
The **executeScript function** allows executing custom JavaScript code; make sure the function passed in is safe and reliable
Only run scripts you wrote or fully trust, and do not execute JavaScript extracted from untrusted documents or chat responses.
The agent may create or overwrite local output files when asked to transform data.
The skill can create directories and write files to caller-supplied paths. This is expected for Excel automation, but a mistaken path could overwrite or create files unexpectedly.
function writeExcel(data, outputPath, options = {}) {
  ensureDir(path.dirname(outputPath));
  ...
  XLSX.writeFile(wb, outputPath);
}
Confirm input and output paths before use, avoid protected directories, and keep backups of important spreadsheets.
Users may believe the main dependency risk was technically remediated when it was mainly documented and accepted.
The document frames high-priority issues as fixed even though it still acknowledges the unresolved xlsx vulnerability. That can understate the remaining risk.
Li_exec_handle v1.0.1 has fixed all high-priority security issues and can be released. ... The remaining risk (the xlsx vulnerability) has been mitigated through documentation and user notification
Treat the self-audit documents as advisory only and verify that vulnerable dependencies are actually upgraded or replaced.
