Xlsx Anthropic

Review

Audited by ClawScan on May 10, 2026.

Overview

The spreadsheet skill is mostly purpose-aligned, but its LibreOffice helper can load a native library from a fixed shared temp path, which is a material local code-execution safety concern.

Treat this as a useful but review-worthy spreadsheet skill. It does not show exfiltration or credential abuse, but spreadsheet recalculation may run LibreOffice and load a native helper from the temp directory. Prefer using it in an isolated environment and ask for the temp-file/LD_PRELOAD behavior and dependency declarations to be fixed before relying on it for sensitive work.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

On a shared or compromised local environment, recalculating spreadsheets could cause LibreOffice to load unexpected native code.

Why it was flagged

The helper can LD_PRELOAD a native shared library from a fixed temp-file path and reuses an existing file without validating its contents or ownership. If that file is stale or planted in a shared temp directory, LibreOffice could load unintended native code.

Skill content

_SHIM_SO = Path(tempfile.gettempdir()) / "lo_socket_shim.so"
...
if _SHIM_SO.exists():
    return _SHIM_SO
...
env["LD_PRELOAD"] = str(shim)

Recommendation

Use only in a trusted/sandboxed environment until fixed. The maintainer should create the shim in a private per-run directory with restrictive permissions, refuse preexisting files, verify the compiled artifact, and avoid LD_PRELOAD when possible.

What this means

The skill may run or require local programs that are not obvious from the registry metadata, and it may fail or behave differently depending on the host environment.

Why it was flagged

The metadata does not declare runtime binaries, but SKILL.md states LibreOffice is required and the included soffice helper invokes local binaries such as soffice and gcc. This is under-declared rather than clearly malicious.

Skill content

Required binaries (all must exist): none ... Install specifications: No install spec — this is an instruction-only skill.

Recommendation

Declare LibreOffice/soffice and any compiler dependency explicitly, or make the native shim optional and user-approved.