Skill v1.0.1

ClawScan security

公文格式转换 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 29, 2026, 5:59 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it is a local document-formatting tool that ships its own Python implementation and CLI, asks for no credentials, and its files and instructions match the described purpose.
Guidance
This skill appears to be what it says: a local document formatter implemented as Python scripts. Before running it:
1) run it only on trusted machines and keep backups of original documents (it creates copies but double-check);
2) be cautious with .doc/.wps files from untrusted sources — opening them via Word/WPS COM automation can, in some environments, trigger macros or other Office behaviors; prefer converting suspicious files to .docx in a sandbox before formatting;
3) the tool will read/write wfp_config.json in the current directory and create temporary files (they are removed on exit);
4) ensure the required runtime (python-docx, optional LibreOffice/Word) is available;
5) if you need network/audit constraints, inspect the scripts locally (they appear not to make network calls).
If you want extra assurance, run the code in an isolated environment or review the full scripts for any local subprocess invocations before use.

Review Dimensions

Purpose & Capability
ok: Name/description (公文格式转换) matches included files and behavior: Python CLI + core library that convert/format doc/docx/wps/txt/md to docx, supports config and batch processing. No unrelated credentials, external APIs, or unexpected binaries are required.
Instruction Scope
ok: SKILL.md instructs the agent to run the provided scripts, to read/write a local wfp_config.json, and to operate on user-supplied files/directories. It does not instruct reading unrelated system secrets or POSTing data externally. It does advise changing working directory to the skill folder or deriving the script path, which is reasonable for running local scripts.
Install Mechanism
ok: No install spec; skill is instruction + bundled Python scripts. The files appear to be a self-contained Python tool (uses python-docx, optional win32com/LibreOffice) and nothing is downloaded at runtime by the skill itself.
Credentials
ok: The skill declares no required environment variables, credentials, or external config paths. It reads and writes a local wfp_config.json (documented) and uses temporary files for conversion — these are proportional to its purpose.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated platform privileges. It does not modify other skills or global agent configuration. It will create/clean temporary files and may write wfp_config.json to the working directory, which is expected behavior.