Csv Toolkit

v1.0.0

Manipulate CSV files from the command line — view, filter, sort, select columns, convert CSV to/from JSON, compute statistics, deduplicate, and merge files....

⭐ 0· 148·1 current·1 all-time

byJohn Wang@johnnywang2001

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

medium confidence

✓

Purpose & Capability

Name/description match the SKILL.md and the included script: view, filter, sort, select, convert, stats, dedup, merge. The required resources (none) are proportionate to the stated purpose.

✓

Instruction Scope

SKILL.md instructs the agent to run the local Python script against user-supplied files and standard CLI flags. The instructions only read/write files provided via arguments and do not direct data to external endpoints, request additional environment variables, or instruct the agent to read unrelated system files.

✓

Install Mechanism

No install spec — instruction-only with a shipped Python script. There are no downloads, package installs, or extraction steps that would write or execute remote code.

✓

Credentials

The skill requests no environment variables, credentials, or config paths. The code shown uses only Python standard library modules and reads/writes only files passed on the command line.

✓

Persistence & Privilege

The skill is not always-enabled and does not request persistent privileges or modify other skills or system-wide agent settings. It runs only when invoked.

Assessment

This appears to be a straightforward local CSV toolkit that operates on files you supply. Before installing or running it: (1) Inspect the remainder of scripts/csv_toolkit.py (the provided excerpt was truncated) to confirm there are no network calls, subprocess.exec/OS.exec usage, or code that reads unexpected system paths. (2) Run the tool in a sandbox or on non-sensitive sample files first. (3) Be cautious when opening CSV outputs in spreadsheet software (Excel/Sheets) because malicious CSV cells starting with =,+,- or @ can trigger formula execution in spreadsheet apps; sanitize if you plan to open outputs in such apps. If you want, provide the full script (untruncated) and I can re-check and raise confidence to high.

Like a lobster shell, security has layers — review code before you run it.

latestvk97206wymk7sa6hbkm1pre6vw983d5dp

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Csv Toolkit

License

Comments