bruce-doc-converter-skill

Pass: Audited by VirusTotal on May 7, 2026.

Overview

Type: OpenClaw Skill
Name: bruce-doc-converter
Version: 1.0.0

The bruce-doc-converter skill is a utility designed to convert between Office documents (Word, Excel, PowerPoint), PDFs, and Markdown. The SKILL.md file provides clear, task-aligned instructions for the agent to install the 'bruce-doc-converter' package using standard Python tools (pip, pipx, uv) and execute conversion commands. While it involves shell execution and network access for installation, these are necessary for its stated purpose, and the documentation includes helpful troubleshooting for common environment issues without any evidence of malicious intent, data exfiltration, or harmful prompt injection.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the skill may execute third-party package code on the local machine.

Why it was flagged

The skill relies on installing an external package that is not bundled with the reviewed artifacts and is not version-pinned.

Skill content

pipx install bruce-doc-converter ... uv tool install bruce-doc-converter ... pip install --user bruce-doc-converter

Recommendation

Install it only from a trusted package source, prefer an isolated environment such as pipx or a venv, and pin or verify the package version when possible.

Concern (Medium Confidence)

ASI05: Unexpected Code Execution

What this means

If the CLI output is unexpected or compromised, the agent could run a local command the user did not explicitly approve.

Why it was flagged

This tells the agent to execute a command supplied in the CLI's JSON response, but the skill does not whitelist the allowed command or require user confirmation.

Skill content

If Markdown to Word returns `DEPENDENCY_INSTALL_REQUIRED`, run `next_command` when present, otherwise run `bdc setup-node`, then retry.

Recommendation

Only run known setup commands such as `bdc setup-node`, validate any `next_command` before execution, and ask the user before running dynamically supplied commands.

What this means

Private document contents may become visible to the agent during conversion and analysis.

Why it was flagged

The skill intentionally places converted document contents into the agent's working context so they can be read or analyzed.

Skill content

Office/PDF inputs include `markdown_content` for direct analysis.

Recommendation

Use the skill only on documents you are comfortable having the agent read, and avoid broad batch conversion of sensitive folders.