ClawHub

Doc To Text

v0.4.0

Extract plain readable text from Word documents (.doc, .docx) using MinerU. Outputs Markdown (the closest plain-text format supported) for easy reading and p...

0· 148·0 current·0 all-time
by@mzlzyca
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Word -> plain text via MinerU) matches the required binary (mineru-open-api) and the single required environment variable (MINERU_TOKEN). The MINERU_TOKEN is justified for the documented 'extract' operations; no unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md only instructs running the mineru-open-api CLI (flash-extract/extract), setting MINERU_TOKEN or using interactive auth, and points to mineru.net. It does not ask the agent to read unrelated files, other env vars, or transmit data to unexpected endpoints.
Install Mechanism
Install uses standard package registries: npm package 'mineru-open-api' or 'go install' from github.com/opendatalab/... — both are expected for distributing a CLI. This is normal but requires trusting those package sources; no random downloads or archive extraction from untrusted URLs are present.
Credentials
Only MINERU_TOKEN is required and is declared as the primary credential. That aligns with the documented need for a token for 'extract'/.doc processing. No extra or unrelated secrets are requested.
Persistence & Privilege
The skill is not marked always:true, does not request system-wide config changes, and is instruction-only (no bundled code). Installing the CLI is standard behavior and there is no evidence the skill modifies other skills or global agent settings.
Assessment
This skill appears to do exactly what it claims: call the mineru-open-api CLI to extract text from .doc/.docx files. Before installing, decide whether you trust the MinerU project and the npm/GitHub sources used to install the CLI. MINERU_TOKEN grants the MinerU service permission to process documents — avoid putting a high-privilege secret there, and create/restrict a token with minimal scope if possible. If you are cautious, inspect the npm package or GitHub repo (github.com/opendatalab/MinerU-Ecosystem) prior to installing, run the CLI in a sandbox or container, and revoke the token if you stop using the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk975kcc6a3aesmf15a6xs39ez18444gj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📄 Clawdis
Binsmineru-open-api
EnvMINERU_TOKEN
Primary envMINERU_TOKEN

Install

Install via npm
Bins: mineru-open-api
npm i -g mineru-open-api
Install via go install
Bins: mineru-open-api

Comments