ClawHub

Office Document Extractor

Security checks across malware telemetry and agentic risk

Overview

This is a coherent offline Office-to-Markdown converter that reads user-selected documents and writes Markdown output as disclosed.

Install if you are comfortable running bundled Python code locally on documents you choose. Use explicit output paths when converting sensitive files, watch for existing .md files that could be overwritten, and review generated Markdown before sharing it or feeding it into another agent because extracted document text may contain sensitive or untrusted content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill advertises and instructs use of local file reads and writes, and likely also accesses environment/runtime state via Python execution, but it does not declare corresponding permissions. Even if the functionality is expected for document conversion, missing permission declarations reduce transparency and can bypass platform trust controls, causing users to grant or run more capability than is explicitly disclosed.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
This workbook module exposes full spreadsheet creation, mutation, deletion, and save capabilities, which materially exceed the skill's declared extraction-only purpose. In an agent skill, unnecessary write/edit functionality increases the attack surface and enables unauthorized document modification or filesystem writes if higher-level code invokes these APIs on untrusted prompts or inputs.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The code includes document-editing and persistence operations not needed for converting spreadsheets to Markdown. In the context of an extraction skill, this capability mismatch is risky because it allows the component to alter user files or generate new files, contrary to least privilege and the advertised behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal