Skill v0.1.0
ClawScan security
Office To Md V2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 15, 2026, 4:38 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and declared dependencies are consistent with its stated purpose (converting PDF/DOC/DOCX/PPTX to Markdown), but it performs runtime shell operations, including writing a temp file and attempting to install a Python package, that you should review and run in a controlled environment.
- Guidance
- This skill appears to do what it says (converting office files to Markdown). Before installing or running it: 1) Review the PPTX converter's behavior and be comfortable with it: it writes a Python script to /tmp and may attempt to run `pip3 install python-pptx` automatically. If you prefer control, install python-pptx yourself in a controlled environment instead of letting the skill run pip. 2) Run the skill in an isolated environment (sandbox / container) until you trust it, because it executes shell commands (python3, unzip, pip3, rm -rf) and spawns child processes. 3) Update any hard-coded absolute paths in the examples/tests to avoid accidental access to host-specific paths. 4) Inspect the package manifests, and run `npm install` only in a safe workspace, since it fetches Node dependencies from npmjs.org. If you need higher assurance, obtain the source from the author and perform your own code review and dependency scans before using the skill with sensitive files.
Review Dimensions
- Purpose & Capability
- ok · The name/description (convert office docs to Markdown) matches the included code and docs. Converters for PDF, DOCX, legacy DOC, and PPTX are present, and the declared npm dependencies (mammoth, pdf-parse, turndown, word-extractor) align with that functionality.
- Instruction Scope
- note · SKILL.md and the wrapper instruct the agent to run the included Node scripts and read/write files (expected). However, the PPTX converter and its examples perform shell operations: creating a Python script in /tmp, executing python3, trying to `pip3 install python-pptx` at runtime, running unzip and rm -rf on temporary directories, and using child_process.execSync. Those steps expand the runtime scope beyond pure Node module behavior and should be reviewed before running on sensitive hosts.
- Install Mechanism
- note · There is no formal install spec in the registry (instruction-only), but package.json and office-to-md/package.json rely on standard npm packages from npmjs.org (expected). The PPTX path also calls `pip3 install python-pptx` at runtime via execSync, which downloads from PyPI while the skill is running; that works, but it carries more risk than a declarative dependency install because the fetch happens outside any install-time review.
- Credentials
- ok · The skill does not request environment variables, credentials, or config paths. Example/test code references absolute paths under /root/.openclaw/workspace and a specific local .doc path (likely sample/test artifacts), but no secrets are required.
- Persistence & Privilege
- ok · The skill does not request always:true, does not modify other skills, and exports a callable function. It writes temporary files (/tmp/extract_pptx.py) and output .md files next to inputs (expected behavior for a converter), but it does not assert permanent elevated privileges or make persistent system-wide changes.
