Dwg To Excel
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: dwg-to-excel Version: 2.0.0 The skill is designed to convert DWG files to Excel using a local `DwgExporter.exe` CLI tool. The Python code correctly uses `subprocess.run` with a list of arguments, which prevents shell injection vulnerabilities when invoking the external executable. The `filesystem` permission declared in `claw.json` is necessary and justified for this purpose. Both `SKILL.md` and `instructions.md` provide clear, benign instructions for the AI agent and lack any evidence of prompt injection attempts, data exfiltration, persistence mechanisms, or other malicious behaviors. The skill's implementation aligns with its stated purpose without introducing undue risk.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A local DwgExporter executable may be executed against user-selected DWG files.
The skill directs the agent to invoke a local executable as part of the conversion workflow. This is expected for the stated purpose, but users should recognize that a local binary will be run.
Run DwgExporter CLI to extract data: layers, blocks, attributes, geometry
Use only a trusted DwgExporter.exe from a known source and confirm the input/output paths before running conversions.
If the local DwgExporter executable is untrusted or replaced, the skill could run that binary during normal use.
The core converter is an external local dependency, but the artifacts do not provide an install source, pinned version, checksum, or bundled executable. This is not deceptive, but it leaves trust in the user's local installation.
DwgExporter CLI must be installed locally (filesystem permission for execution)
Install the converter from a trusted source, keep it in a known path, and avoid running unexpected copies of DwgExporter.exe.
A broad batch command could create many Excel/PDF outputs and process sensitive CAD files throughout a folder tree.
The documentation includes a recursive batch-conversion example. It is purpose-aligned and user-directed, but broad folder selection could process many project files at once.
for /R "C:\Projects" %f in (*.dwg) do DwgExporter.exe "%f"
Run batch conversion only on intended project folders and review the scope before processing recursively.