ClawHub

file-processor

v1.0.0

Automatically detects and processes files including PDF, Excel, CSV, Word, images, and text for extraction, OCR, data analysis, and summarization.

0· 1.3k·19 current·19 all-time
by@ly5201314gjx
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actual code and README: processor.py implements PDF, Excel, CSV, DOCX, TXT, and image OCR processing using the listed Python libraries. No unrelated services, credentials, or binaries are requested.
Instruction Scope
SKILL.md instructions are scoped to installing the listed Python libraries and sending files for processing. The runtime code reads only the provided file path and does not access other system files, environment variables, or external endpoints.
Install Mechanism
This is an instruction-only skill (no automated install). SKILL.md recommends pip installs from PyPI (pdfplumber, openpyxl, python-docx, pytesseract, pillow, and SKILL.py uses pandas). Installing packages from PyPI is expected for this functionality; there is no download-from-arbitrary-URL or archive extraction in the manifest.
Credentials
No environment variables, credentials, or config paths are requested. The libraries used are appropriate for the stated tasks. There are no unexpected secret accesses.
Persistence & Privilege
always:false and disable-model-invocation:false (normal). The skill does not request persistent or system-wide changes, nor does it modify other skills' configs.
Assessment
This skill appears to do what it claims: local parsing, OCR, and summaries of common file types, with no network calls or credential use. Before installing or running it: 1) install dependencies in an isolated environment (virtualenv/container) because some packages (e.g., pdf parsers, image libraries) can be exposed by maliciously crafted files; 2) note that OCR requires Tesseract to be installed on the host (SKILL.md hints at this but doesn't automate it); 3) avoid processing highly sensitive files unless you trust the skill source (owner is unknown); 4) if you need higher assurance, review or run the included processor.py in a sandbox to confirm behavior. Overall the package is internally consistent and coherent with its description.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cgv2fntc56e4j3h1kqsqvex81tbd4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments