Document organizing skill (document-organizer)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local document-to-Markdown converter; the normal caution applies when bulk-processing sensitive or untrusted files.

Use a narrow source folder and a private output folder, run a dry run first, avoid administrator/root privileges unless they are necessary, install LibreOffice and markitdown from trusted sources, and sandbox conversion when processing files from untrusted people or locations. Do not copy cleanup commands such as the recursive delete example until you have previewed the matched files and verified the directory they will run against.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
# Generate .md files directly into the target directory
            cmd = [soffice_path, "--headless", "--convert-to", "md", "--outdir", str(output_subdir)] + file_paths
            try:
                result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
                if result.returncode != 0:
                    failed.append((parent_dir, f"LibreOffice exit: {result.returncode}"))
                else:
Confidence
82% confidence
Finding
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
# Generate .md files directly into the target directory
            cmd = [soffice_path, "--headless", "--convert-to", "md", "--outdir", str(output_subdir)] + file_paths
            try:
                result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
                if result.returncode != 0:
                    failed.append((parent_dir, f"LibreOffice exit: {result.returncode}"))
                else:
Confidence
82% confidence
Finding
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
try:
                print(f"    [DEBUG] CMD: {' '.join(cmd)}")
                print(f"    [DEBUG] Processing {len(xls_files)} .xls files: {[f.name for f in xls_files]}")
                result = subprocess.run(cmd, capture_output=True, text=True, timeout=600)  # longer timeout
                if result.returncode != 0:
                    error_msg = f"LibreOffice exit {result.returncode}: {result.stderr or result.stdout}"
                    print(f"    [ERROR] {error_msg}")
Confidence
88% confidence
Finding
result = subprocess.run(cmd, capture_output=True, text=True, timeout=600) # longer timeout

subprocess module call

Medium
Category
Dangerous Code Execution
Content
# Use a wildcard (LibreOffice expands it itself)
            cmd = [soffice_path, "--headless", "--convert-to", "pptx", "--outdir", str(temp_subdir), str(temp_subdir / "*.ppt")]
            try:
                result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
                if result.returncode != 0:
                    failed.append((parent_dir, "LibreOffice failed"))
                    shutil.rmtree(temp_subdir, ignore_errors=True)
Confidence
87% confidence
Finding
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
else:
                    cmd = markitdown_cmd + [str(src_file), "-o", str(output_file)]
                
                result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
                if result.returncode == 0:
                    success += 1
                else:
Confidence
84% confidence
Finding
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
else:
                        cmd = markitdown_cmd + [str(src_file), "-o", str(output_file)]
                    
                    result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
                    if result.returncode == 0:
                        success += 1
                    else:
Confidence
84% confidence
Finding
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
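One point worth making about the six subprocess findings above: every flagged call passes argv as a list with no shell=True, so a file name containing ';' or '$(...)' cannot inject shell commands. The residual risks are the ones the Overview already points at: input paths that wander outside the chosen source folder (including through symlinks), file names that the converter itself would parse as options, a literal "*.ppt" string handed to LibreOffice instead of an explicit file list, and running an external converter on untrusted documents at all. The following is an added example, not the skill's own code, showing those checks around the same soffice flag layout the findings show; soffice_path, source_root, output_dir and the helper names are assumptions for illustration.

```python
"""Added example (not the document-organizer skill's own code): path and argv
checks around the subprocess.run() calls flagged by the scanner.

Assumptions for illustration: the converter binary is passed in as
soffice_path, every input must live under source_root, and output goes to
output_dir. The soffice flags match the ones shown in the findings.
"""
import os
import subprocess
import tempfile
from pathlib import Path


class UnsafeInputPath(ValueError):
    """An input path that escapes the source folder or looks like an option."""


def validated_inputs(source_root, files) -> list[str]:
    """Return absolute paths for files, or raise if any one of them is unsafe.

    The resolved path (symlinks followed) must sit inside source_root, and its
    name must not begin with '-': a list-form argv is safe from shell
    injection, but the converter still parses its own options and would read
    a file called '-outdir' as a flag rather than as input.
    """
    root = Path(source_root).resolve()
    safe: list[str] = []
    for f in files:
        p = Path(f).resolve()
        try:
            p.relative_to(root)
        except ValueError:
            raise UnsafeInputPath(f"{f} is outside {root}") from None
        if p == root:
            raise UnsafeInputPath(f"{f} is the source folder itself")
        if p.name.startswith("-"):
            raise UnsafeInputPath(f"{f} starts with '-' and could be parsed as an option")
        safe.append(str(p))
    return safe


def rejected(source_root, files) -> bool:
    """True when validated_inputs() refuses the list (used by the self-check)."""
    try:
        validated_inputs(source_root, files)
    except UnsafeInputPath:
        return True
    return False


def expand_inputs(source_root, pattern: str) -> list[Path]:
    """Expand a wildcard in Python instead of passing a literal '*.ppt' to
    LibreOffice, so the exact file list is known (and can be logged) first."""
    root = Path(source_root).resolve()
    return sorted(p for p in root.glob(pattern) if p.is_file())


def build_soffice_cmd(soffice_path, source_root, output_dir, files, target="md") -> list[str]:
    """Same flag layout as the flagged calls, with validated inputs appended."""
    return [
        str(soffice_path), "--headless", "--convert-to", target,
        "--outdir", str(Path(output_dir).resolve()),
    ] + validated_inputs(source_root, files)


def run_conversion(cmd: list[str], timeout: int = 300) -> int:
    """Run the argv list without a shell and with a bounded wall-clock time.

    The environment is trimmed to PATH and HOME (an assumption; adjust if the
    converter needs more) so the child does not inherit unrelated variables.
    """
    env = {k: os.environ.get(k, "") for k in ("PATH", "HOME")}
    result = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout, env=env)
    return result.returncode


def demo_wildcard() -> list[str]:
    """Constructed sample tree (temporary, created here): expansion returns
    only matching regular files, sorted, and skips a directory named like a deck."""
    with tempfile.TemporaryDirectory() as d:
        base = Path(d)
        for name in ("b.ppt", "a.ppt", "notes.txt"):
            (base / name).write_text("x")
        (base / "c.ppt").mkdir()
        return [p.name for p in expand_inputs(base, "*.ppt")]
```

build_soffice_cmd("soffice", "docs_in", "docs_out", ["docs_in/report.docx"]) yields the seven-element argv the findings show, while a path such as "docs_in/../secrets.txt" or a file named "-outdir" is refused before anything runs; the sandboxing the Overview recommends sits outside this code, around run_conversion.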

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The example includes a destructive deletion command (`find . -name "~$*" -delete`) without warning, path scoping guidance, or safer preview steps. In documentation, users often copy-paste commands directly, so an insufficiently constrained deletion example can cause unintended data loss if run from the wrong directory or against unexpected files.
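Two practitioner caveats on that command. In bash, `"~$*"` in double quotes expands `$*` (the positional parameters), so the pattern find actually receives is not the literal `~$*` unless it is single-quoted; and `find .` scopes the deletion to whatever the current directory happens to be. The following is an added example, not the skill's own code, of the safer shape the finding asks for: an explicit root directory, a prefix match checked in Python, and a dry run that lists matches before anything is removed. The helper names and the constructed sample tree are assumptions for illustration.

```python
"""Added example (not the document-organizer skill's own code): a scoped,
preview-first cleanup of Office owner/lock files, the safer form of the
`find . -name "~$*" -delete` example the finding flags.

The root is an explicit argument rather than '.', the match is a name prefix
checked in Python, and nothing is removed until the caller has seen the
dry-run list and passed dry_run=False.
"""
import tempfile
from pathlib import Path

LOCK_PREFIX = "~$"   # Word/Excel/PowerPoint write ~$<name> beside an open file


def find_lock_files(root) -> list[Path]:
    """Regular files under root whose name starts with ~$, sorted by name."""
    root = Path(root).resolve()
    if not root.is_dir():
        raise ValueError(f"{root} is not a directory")
    if root.parent == root:
        raise ValueError("refusing to scan a filesystem root")
    return sorted(
        (p for p in root.rglob("*") if p.is_file() and p.name.startswith(LOCK_PREFIX)),
        key=lambda p: p.name,
    )


def remove_lock_files(root, dry_run: bool = True) -> list[str]:
    """Preview (the default) or delete the matches; returns the matched names."""
    matches = find_lock_files(root)
    for p in matches:
        if dry_run:
            print(f"would delete {p}")
        else:
            p.unlink()
    return [p.name for p in matches]


def demo_lock_cleanup() -> dict:
    """Constructed sample tree in a temporary directory: two lock files (one
    nested), a real document, and a file whose ~$ is not a prefix."""
    with tempfile.TemporaryDirectory() as d:
        base = Path(d)
        (base / "sub").mkdir()
        for rel, body in (
            ("~$report.docx", "lock"),
            ("sub/~$deck.pptx", "lock"),
            ("report.docx", "real content"),
            ("notes~$.txt", "real content"),
        ):
            (base / rel).write_text(body)
        preview = remove_lock_files(base, dry_run=True)
        untouched = (base / "~$report.docx").exists()
        deleted = remove_lock_files(base, dry_run=False)
        survivors = sorted(p.name for p in base.rglob("*") if p.is_file())
    return {
        "preview": preview,
        "untouched_after_preview": untouched,
        "deleted": deleted,
        "survivors": survivors,
    }
```

Run remove_lock_files(root) first, read the printed list, and only then call it again with dry_run=False; the prefix check means a document such as notes~$.txt, where ~$ is not at the start of the name, is never touched.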

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal