All Documents QA
v1.0.0Answers questions based on the content of uploaded documents (PDF, DOCX, TXT), supporting individual files or entire folders.
⭐ 0· 402·2 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (Document Q&A) align with the included scripts: extract_txt.py, extract_docx.py, extract_excel.py, process_folder.py, and run_qa.py. The PDF extraction is delegated to a named sibling skill (iyeque-pdf-reader-1.1.0), which is consistent with the SKILL.md note. Declared dependencies (pandas/openpyxl, python-docx) match the code.
Instruction Scope
SKILL.md instructs running run_qa.py which calls process_folder.py to extract text and then prints context markers and the QUESTION. The scripts operate only on the provided file/folder path. However, process_folder.py uses subprocess.run to execute a sibling PDF reader script (reader.py) if present: that delegates PDF handling to another skill and executes local code. The skill prints the full extracted text to stdout (which becomes the model's context), so sensitive content will be exposed to the agent's model input/output.
Install Mechanism
No install spec is provided (instruction-and-script-only). No downloads or package installs are automated by the skill. The only install-time concern is that users may need to pip-install expected Python libs (python-docx, pandas, openpyxl, PyPDF2) as documented.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That is proportionate to its stated purpose. The code does execute local scripts via subprocess, but does not attempt to read unrelated env vars or secrets.
Persistence & Privilege
always is false and there is no self-modifying or cross-skill configuration. The skill does execute local scripts but does not request permanent presence or elevated platform privileges.
Assessment
This skill behaves as a local document-extraction/QA helper and appears coherent, but take these precautions before installing or running it: 1) Inspect the sibling PDF reader it calls (iyeque-pdf-reader-1.1.0/reader.py) — the skill will execute that script if present, so ensure it is trusted. 2) Do not feed sensitive/private documents unless you trust the environment and the PDF reader, because the scripts print full extracted text to stdout which becomes the model context. 3) Install required Python libraries in a controlled environment (virtualenv) to avoid supply-chain risks. 4) Consider running the code in an isolated container or sandbox the first time, and review any third-party skills in your workspace for unexpected network or file-access behavior. If you can provide the contents of the PDF reader's reader.py, I can re-evaluate with higher confidence.Like a lobster shell, security has layers — review code before you run it.
latestvk97ab5xmd0t0zy5wnxnba49hzx825e10
License
MIT-0
Free to use, modify, and redistribute. No attribution required.