Skill v1.0.0

ClawScan security

Official Layout Pro (公文专业排版技能包) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 8:09 AM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, instructions, and requirements are consistent with a document-formatting utility that reads a .docx input, applies fonts/styles, and writes a .docx output; it does not request credentials, network access, or other unrelated privileges.
Guidance
This skill appears to be a straightforward .docx formatter. Before installing or using it:
1) Ensure the required fonts are installed or provided (the README lists several Chinese fonts and Times New Roman), otherwise formatting will not match expectations.
2) Provide explicit, safe input_path and output_path values; the skill will read the input file you give it and overwrite/create the output path.
3) Put any templates you trust into the templates/ folder; inspect templates before use.
4) Make sure the runtime has python-docx available (requirements.txt pins python-docx==1.1.0).
5) The skill does not perform network I/O or request credentials, but as with any file-processing tool you may prefer to run it in a sandbox or with non-sensitive test files if you have concerns.
Finally, the config version in config.yaml differs from published metadata; this is likely benign but worth noting for provenance tracking.

Review Dimensions

Purpose & Capability
ok: Name/description promise (Chinese official-document formatting) matches the code and SKILL.md: main.py reads an input .docx, applies font and paragraph rules, supports templates, file_code, and org_name. No unrelated credentials or binaries are requested. Minor metadata mismatch: config.yaml version (2.8.0) differs from registry metadata (1.0.0), but this is likely a packaging/versioning inconsistency, not a capability mismatch.
Instruction Scope
ok: SKILL.md describes only formatting behaviors and triggering phrases. The runtime code follows those instructions and only reads the provided input_path, optionally a template in templates/, and writes the specified output_path. There are no directives to read unrelated system files, environment variables, or transmit data externally. Note: the skill reads and writes files the caller supplies, so file paths you give can be read/overwritten by the skill (expected for a file-processing tool).
Install Mechanism
note: There is no install spec (instruction-only at registry level), but the package includes code and a requirements.txt pinning python-docx==1.1.0. That means the runtime environment must provide python-docx; lack of an explicit install step may cause runtime failures but not an evident security risk. No remote downloads or obscure install URLs are used.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths and the code does not access os.environ or external auth. This is proportionate to its purpose.
Persistence & Privilege
ok: always is false and the skill does not attempt to modify other skills or global agent settings. It operates only on files provided and on templates/fonts in its own directory structure.