file-processor
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears to do the advertised local file extraction and previewing, with no evidence of exfiltration, persistence, credential use, or destructive behavior.
This skill looks safe for its stated purpose, but install dependencies carefully and only process files you are comfortable sharing with the agent. Treat extracted file text as untrusted content.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing these packages means trusting their maintainers and whatever versions are current at install time.
The skill asks the user to install third-party Python packages directly and without version pins. This is a normal setup step for document parsing/OCR, but it creates a dependency trust consideration.
pip install pdfplumber openpyxl python-docx pytesseract pillow
Use a virtual environment, install from a trusted package index, and consider pinning known-good package versions.
If invoked on a sensitive or unintended file, parts of that file may be displayed in the chat.
The processor acts on whichever local file path is supplied. This is expected for a file-processing tool, but an unintended path could reveal a preview of the wrong file.
filepath = sys.argv[1]
Only use the skill on files you intentionally want the agent to read and summarize.
Sensitive document contents may become part of the conversation, and malicious text embedded in a document should not be treated as instructions.
The skill places extracted file text into the agent-visible output. This is purpose-aligned, but document text may include private information or untrusted instructions.
result += f"\n📝 内容预览:\n{content[:1500]}"Review files before processing them and treat extracted document text as untrusted content, not as commands for the agent.