文档内容总结 Summary & Analysis txt/docx/pdf/xlsx/xls
v1.0.4local document summary & analysis tool. triggers: 帮我总结, 总结文件, 分析文档, 分析总结, 总结一下, 分析一下 summarize for me, analyze for me, summarize the file, analyze the docume...
⭐ 0· 409·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description, SKILL.md, and file2sum.py all describe the same capability: extract text from local txt/docx/pdf/xlsx/xls files and hand the text to the OpenClaw LLM for summary/analysis. Required capabilities and files are proportional to that purpose.
Instruction Scope
Runtime instructions and the script only read a single user-specified local file path and print its text (or an error starting with ❌). The SKILL.md explicitly warns that extracted content is sent to the OpenClaw LLM; the code itself does not contact external endpoints. The instructions do not request unrelated files, credentials, or system configuration.
Install Mechanism
There is no packaged install spec, but the script will auto-install required Python packages at runtime using pip (subprocess.check_call). This pulls packages from PyPI over the network and runs their install-time code; while expected for a Python-based document reader, it is a moderate operational risk (modifies environment, network access, potential arbitrary code execution during package installation).
Credentials
The skill declares no environment variables, no credentials, and no config paths. The script only requires a Python runtime and will install standard parsing libs (python-docx, pypdf, openpyxl, xlrd==1.2.0). These requirements are proportionate to the stated purpose.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and does not write persistent system-wide configuration. It only prints extracted content for the host agent to consume.
Assessment
This skill appears to do what it claims: extract file text and let OpenClaw LLM summarize it. Before installing/using it: 1) Do not feed sensitive or confidential documents (SKILL.md already warns that extracted content goes to the LLM). 2) Run it in a controlled Python environment (virtualenv/container) because the script auto-installs packages from PyPI at runtime; installation scripts can execute code and will modify the environment. 3) Review the few package names it installs (python-docx, pypdf, openpyxl, xlrd==1.2.0) and consider installing them yourself ahead of time to avoid automatic runtime installs. 4) If you need stricter privacy, inspect OpenClaw's export/telemetry policy to confirm where stdout is sent, or run the script locally and keep summaries offline. 5) If you want additional assurance, run the script on non-sensitive sample files first and inspect network activity during pip installs.Like a lobster shell, security has layers — review code before you run it.
Pythonvk978rv3c62mnd5yty04dbmyqah828awdanalysisvk978rv3c62mnd5yty04dbmyqah828awddocumentvk978rv3c62mnd5yty04dbmyqah828awddocxvk978rv3c62mnd5yty04dbmyqah828awdfilevk978rv3c62mnd5yty04dbmyqah828awdlatestvk970whd5z1h9t41t6b1q4yd60d8287pzmultilingualvk978rv3c62mnd5yty04dbmyqah828awdpdfvk978rv3c62mnd5yty04dbmyqah828awdsummaryvk978rv3c62mnd5yty04dbmyqah828awdtxtvk978rv3c62mnd5yty04dbmyqah828awdxlsvk978rv3c62mnd5yty04dbmyqah828awdxlsxvk978rv3c62mnd5yty04dbmyqah828awd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.