hwp-reader

Pass

Audited by VirusTotal on May 11, 2026.

Findings (1)

The skill is designed to read HWP/HWPX files, which is a legitimate purpose. However, the `SKILL.md` file contains `python3 -c "..."` commands that use a `FILE_PATH` placeholder. If the OpenClaw agent directly substitutes user-controlled input into this placeholder without proper sanitization, it could lead to shell injection vulnerabilities, allowing arbitrary command execution. Additionally, the HWPX parsing code uses `xml.etree.ElementTree`, which could be susceptible to XML-based denial-of-service attacks with specially crafted HWPX files. These are vulnerabilities that allow attacks, classifying the skill as suspicious rather than benign.