Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Xlsx Cn
v1.0.1 · Excel Spreadsheet Processing. Create, read, edit Excel files. Supports formulas, charts, data analysis. Trigger words: E...
⭐ 2 · 4.7k · 23 current · 25 all-time
by Guohongbin @guohongbin-git
MIT-0
Download zip
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to do .xlsx/Excel processing and the repository contains many Office-related utilities (unpack/pack/validate/recalc and helpers). That generally aligns with the stated purpose. However there are two inconsistencies: (1) the meta declares this as an XLSX skill but many modules focus heavily on DOCX/PPTX validation as well (the code supports all Office types, which is fine but broader than the name implies), and (2) the LICENSE.txt (Anthropic restrictive terms) contradicts the _meta.json 'MIT' license field — this mismatch should be clarified by the author.
Instruction Scope
The SKILL.md instructs the agent to rely on LibreOffice for formula recalculation and to use the provided scripts (e.g., scripts/recalc.py). The scripts themselves write C source to a temp directory and invoke gcc to build an LD_PRELOAD shim (scripts/office/soffice.py). That runtime behavior is not obvious from the brief skill description, and it gives the skill the ability to compile native code and alter the behavior of the LibreOffice process it launches. The SKILL.md also assumes that certain Python libraries (pandas, openpyxl, lxml, defusedxml) and the external binaries soffice and gcc are available, but the skill does not declare these requirements explicitly.
Install Mechanism
There is no formal install spec, but the runtime code dynamically writes a C file and calls gcc to produce a shared object which is then loaded via LD_PRELOAD. Runtime compilation and LD_PRELOAD usage are high-risk operations: native code is built on the host and loaded into a process, where a preloaded library runs with that process's full privileges and can interpose any libc function, not only the socket calls the shim targets. While the code appears to implement a legitimate shim to work around AF_UNIX restrictions for LibreOffice, compiling and preloading native code at runtime should be treated as an elevated risk, and its dependencies and behavior should be documented and reviewed before use.
Credentials
The skill requests no environment variables or credentials, which is proportionate. However it relies on external binaries (soffice, gcc) and Python packages that are not declared in the skill metadata. The code also sets LD_PRELOAD in the environment of the LibreOffice subprocess; that is not in itself a secret exfiltration vector, but it is a powerful capability that can alter native process behavior.
Persistence & Privilege
The skill is not always-enabled and does not request persistent privileges or modify other skills. Its runtime actions create temporary files and an .so in the system temp dir for the duration of use; this is not permanent persistence but is a native-level modification while in use (compiled shared object and LD_PRELOAD).
What to consider before installing
This skill largely does what its name claims (Office/XLSX processing), but there are a few red flags to consider before installing or running it:
- Runtime native compilation and LD_PRELOAD: The code writes a C source file to the temp directory and invokes gcc to build a shared object, then uses LD_PRELOAD to alter how LibreOffice communicates. This is unusual for a lightweight spreadsheet helper. If you do not trust the source, do not allow it to compile or preload native code on your system.
- Undeclared runtime dependencies: The SKILL.md and scripts expect LibreOffice (soffice), gcc, and Python packages (pandas, lxml, defusedxml, openpyxl, etc.) but the skill metadata does not list required binaries or Python dependencies. Confirm these are available in a controlled environment before use.
- License mismatch: LICENSE.txt contains restrictive Anthropic terms while _meta.json claims MIT. Ask the author to clarify licensing before redistribution.
- Safety steps: If you proceed, run the skill in an isolated environment (container or VM) with no sensitive mounts, review the C shim source and the Python scripts yourself, and restrict network and credential access. If you cannot audit the code, prefer a vetted library or a skill that explicitly declares and documents native compilation and binary requirements.
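One concrete way to do the "review the Python scripts yourself" step is a static check for the two behaviors the report calls out: a subprocess call that launches a C compiler, and code that sets LD_PRELOAD in an environment mapping. The following is an added example written for this page; it is not code from the xlsx-cn skill or from ClawHub. The SAMPLE string is a constructed stand-in that mimics the pattern the report describes (write a C file, compile it with gcc, preload it into soffice); it is not the skill's actual scripts/office/soffice.py, and the compiler names, the DYLD_INSERT_LIBRARIES check, and the placeholder C body are assumptions.

```python
"""Static check for runtime native compilation and LD_PRELOAD use in skill scripts.

Added example for this review page, not code from the skill or from ClawHub.
It walks the AST of Python source and reports:
  1. subprocess.* calls whose literal argv[0] is a C/C++ compiler,
  2. assignments that set LD_PRELOAD (or macOS DYLD_INSERT_LIBRARIES) on an
     environment mapping, and
  3. dict literals carrying such a key (e.g. env={**os.environ, "LD_PRELOAD": so}).
"""
import ast
from dataclasses import dataclass
from pathlib import Path

COMPILERS = {"gcc", "cc", "clang", "g++", "clang++", "tcc"}   # assumed list
PRELOAD_VARS = {"LD_PRELOAD", "DYLD_INSERT_LIBRARIES"}
SUBPROCESS_FUNCS = {"run", "call", "check_call", "check_output", "Popen"}


@dataclass
class Finding:
    path: str
    line: int
    kind: str      # "runtime_compile" or "preload"
    detail: str


def _string_values(node):
    """Yield the string constants in a literal list/tuple (or a bare string)."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        yield node.value
    elif isinstance(node, (ast.List, ast.Tuple)):
        for elt in node.elts:
            yield from _string_values(elt)


def _is_subprocess_call(call):
    f = call.func
    return (isinstance(f, ast.Attribute) and f.attr in SUBPROCESS_FUNCS
            and isinstance(f.value, ast.Name) and f.value.id == "subprocess")


def _const_str(node):
    """String value of a constant node, unwrapping ast.Index on Python 3.8."""
    if type(node).__name__ == "Index":
        node = node.value
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    return None


def scan_source(src, path="<string>"):
    """Return Findings for one Python source string, sorted by line number."""
    findings = []
    for node in ast.walk(ast.parse(src, filename=path)):
        if isinstance(node, ast.Call) and _is_subprocess_call(node) and node.args:
            argv = list(_string_values(node.args[0]))
            if argv and Path(argv[0]).name in COMPILERS:
                findings.append(Finding(path, node.lineno, "runtime_compile", " ".join(argv)))
        elif isinstance(node, ast.Assign):
            for tgt in node.targets:
                if isinstance(tgt, ast.Subscript) and _const_str(tgt.slice) in PRELOAD_VARS:
                    findings.append(Finding(path, node.lineno, "preload", _const_str(tgt.slice)))
        elif isinstance(node, ast.Dict):
            for key in node.keys:          # key is None for **mapping entries
                if key is not None and _const_str(key) in PRELOAD_VARS:
                    findings.append(Finding(path, node.lineno, "preload", _const_str(key)))
    return sorted(findings, key=lambda f: f.line)


def scan_tree(root):
    """Scan every .py file under root (e.g. an unpacked skill's scripts/ directory)."""
    findings = []
    for p in sorted(Path(root).rglob("*.py")):
        findings.extend(scan_source(p.read_text(encoding="utf-8"), str(p)))
    return findings


# Constructed sample mimicking the behaviour the scan report describes; it is not
# the skill's real code and the C body is a placeholder.
SAMPLE = '''
import os, subprocess, tempfile
SHIM_SRC = "int socket(int d, int t, int p) { return -1; }"
def build_shim():
    d = tempfile.mkdtemp()
    c_path = os.path.join(d, "shim.c")
    so_path = os.path.join(d, "shim.so")
    with open(c_path, "w") as f:
        f.write(SHIM_SRC)
    subprocess.run(["gcc", "-shared", "-fPIC", "-o", so_path, c_path], check=True)
    return so_path
def run_soffice(args):
    env = dict(os.environ)
    env["LD_PRELOAD"] = build_shim()
    return subprocess.run(["soffice", *args], env=env)
'''

if __name__ == "__main__":
    for f in scan_source(SAMPLE, "sample.py"):
        print(f"{f.path}:{f.line}: {f.kind}: {f.detail}")
```

Run `scan_tree("path/to/unpacked-skill")` after downloading the zip; any `runtime_compile` or `preload` finding marks the exact line to read before deciding whether to allow the skill to build and load native code. The check only sees literal compiler names and literal environment keys, so a script that builds its argv from variables will slip past it; treat an empty result as "nothing obvious", not as a clean bill of health.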
If you want, I can: (a) list the exact Python packages and binaries the scripts appear to need, (b) point out the specific lines that create and compile the shim, or (c) help draft questions to the author asking for missing dependency and license clarifications.
Like a lobster shell, security has layers: review code before you run it.
Runtime requirements
📊 Clawdis
