Skill v1.0.1
ClawScan security
DOCX Formatter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 3, 2026, 6:47 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's code matches its stated purpose (generating formatted .docx files), but several inconsistencies and brittle pieces (a broken import, invalid example JSON, and an installer that depends on an undeclared tool) make the package unreliable and warrant caution before installing or running it.
- Guidance
- This package appears to implement what it claims (formatting .docx documents) and does not request secrets or network access, but it contains several practical issues you should address before running it:
  - Do not run install.sh unreviewed. It calls `uv` (`uv venv` and `uv pip install python-docx`). `uv` is Astral's Python package manager, so these commands are valid where it is installed, but the skill does not declare it as a prerequisite: on a host without it the installer fails, and on a host with it you should confirm that the `uv` found on PATH is the tool you expect before running a script you have not read. Either inspect install.sh first or replace it with a standard invocation (for example: python3 -m venv .venv && source .venv/bin/activate && pip install python-docx).
  - quick_api.py will fail as written: it imports `docx_formatter`, but the supplied file is named docx-formatter.py, and a hyphenated file name cannot be imported with an `import` statement. Rename the file or fix the import before using the API helper.
  - examples/content.json appears to contain unescaped double quotes inside a JSON string, which is invalid JSON. Fix and validate the example so json.load does not fail at runtime.
  - SKILL.md suggests marking an author line break with a literal '\n'; the implementation splits on that two-character sequence (backslash, n) rather than on real newline characters, so an author string that contains actual newlines (for example, read from a JSON file) will not be split. Test which form reaches the code and settle on one convention, or normalize both.
  - Because the skill documents automatic triggers for politically sensitive document types, be mindful of the content you feed into the tool and of your local policies for generating or storing such materials.
  Recommended next steps: run the code in an isolated environment (container or throwaway VM), correct the installer and import issues, validate the example files, and run test.sh only after fixing these problems. If you are not comfortable fixing the repository, treat it as untrusted/broken and do not execute the install script on a production machine.
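The pre-run checks the guidance asks for, written out as an added example; this is not code from the ClawHub scanner or from the DOCX Formatter skill. The file names quick_api.py, docx-formatter.py, examples/content.json and install.sh are taken from the verdict; the file contents below are constructed sample input that reproduces the reported defects, and the allow-list of acceptable install commands is an assumed local policy, not anything the skill declares.

```python
"""Pre-run audit for an instruction-only skill package (added example)."""
from __future__ import annotations

import importlib.util
import json
import re
import tempfile
from pathlib import Path

# Matches the first name of `import x` / `from x import y`; dotted names are
# reduced to their top-level package, which is what must exist on disk.
IMPORT_RE = re.compile(r"^\s*(?:import|from)\s+([A-Za-z_]\w*)")

# Assumed policy: commands an installer may run without a human reading it.
ALLOWED_INSTALL_CMDS = {"python3", "pip", "source", ".", "cd"}


def check_import_targets(skill_dir: Path, script: str = "quick_api.py") -> list[tuple[str, str]]:
    """Return (module, hint) for imports in `script` that resolve neither to a
    local file/package nor to an installed module. `hint` names a hyphenated
    local file that was probably intended, or '' if there is none."""
    findings = []
    for line in (skill_dir / script).read_text(encoding="utf-8").splitlines():
        match = IMPORT_RE.match(line)
        if not match:
            continue
        mod = match.group(1)
        if (skill_dir / f"{mod}.py").exists() or (skill_dir / mod).is_dir():
            continue
        if importlib.util.find_spec(mod) is not None:
            continue  # stdlib or installed third-party module
        hyphenated = skill_dir / f"{mod.replace('_', '-')}.py"
        findings.append((mod, hyphenated.name if hyphenated.exists() else ""))
    return findings


def check_json_examples(skill_dir: Path) -> dict[str, str]:
    """Map each examples/*.json that fails to parse to a location and reason."""
    errors = {}
    for path in sorted((skill_dir / "examples").glob("*.json")):
        try:
            json.loads(path.read_text(encoding="utf-8"))
        except json.JSONDecodeError as exc:
            errors[path.name] = f"line {exc.lineno} col {exc.colno}: {exc.msg}"
    return errors


def unexpected_install_commands(skill_dir: Path) -> list[str]:
    """Leading command of every non-comment line in install.sh that is not on
    the allow-list. A heuristic: it looks only at the first token per line."""
    flagged = set()
    for line in (skill_dir / "install.sh").read_text(encoding="utf-8").splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        first = line.split()[0]
        if first not in ALLOWED_INSTALL_CMDS:
            flagged.add(first)
    return sorted(flagged)


def split_author_lines(author: str) -> list[str]:
    """Accept both conventions the verdict describes: a real newline or the
    literal two-character sequence backslash-n, and return the author lines."""
    return [part.strip() for part in author.replace("\\n", "\n").split("\n") if part.strip()]


def build_demo_tree() -> Path:
    """Constructed sample layout reproducing the defects named in the verdict."""
    root = Path(tempfile.mkdtemp(prefix="skill-audit-"))
    (root / "docx-formatter.py").write_text("def render():\n    pass\n", encoding="utf-8")
    (root / "quick_api.py").write_text("import json\nimport docx_formatter\n", encoding="utf-8")
    (root / "examples").mkdir()
    # Unescaped inner quotes make this invalid JSON.
    (root / "examples" / "content.json").write_text(
        '{"title": "Report", "author": "Office of "General" Affairs"}\n', encoding="utf-8")
    (root / "install.sh").write_text("uv venv\nuv pip install python-docx\n", encoding="utf-8")
    return root


def audit(skill_dir: Path) -> dict:
    return {
        "unresolved_imports": check_import_targets(skill_dir),
        "invalid_json": check_json_examples(skill_dir),
        "install_commands_to_review": unexpected_install_commands(skill_dir),
    }


if __name__ == "__main__":
    demo = build_demo_tree()
    for key, value in audit(demo).items():
        print(f"{key}: {value}")
    print(split_author_lines("Office of General Affairs\\nMarch 2026"))
```

Point `audit()` at the real skill directory instead of the constructed tree; an empty result for all three keys is the state the guidance asks you to reach before running test.sh. The import check is deliberately static: it never imports or executes the skill's own code.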
Review Dimensions
- Purpose & Capability
- note: The name, description, and primary code (docx-formatter.py) are consistent: the script uses python-docx to produce Chinese government-style .docx documents and implements quote conversion, headings, pagination, and formatting. There are no unexpected credentials or network calls, so the requested resources are proportionate to the stated purpose.
- Instruction Scope
- concern: SKILL.md instructs running install.sh and provides CLI usage consistent with the code, but the documentation also declares automatic trigger keywords for sensitive government/party documents (e.g., "民主生活会" (democratic life meeting), "述职" (duty report)). The runtime instructions do not ask for unrelated system files or credentials. However, the SKILL.md examples and usage examples are inconsistent with the code (see the guidance above), which could lead the agent or user to run failing or unexpected commands.
- Install Mechanism
- concern: There is no registry install spec (instruction-only), but an included install.sh is present. install.sh relies on `uv` (it calls `uv venv` and `uv pip install python-docx`). `uv` is Astral's Python package manager, so the commands are well-formed where it is installed, but the skill does not declare it as a prerequisite: on a host without it the installer fails, and on any host the script executes whatever `uv` resolves to on PATH. The installer is therefore brittle and should not be run without review; a standard venv/pip invocation would remove the undeclared dependency.
- Credentials
- ok: The skill declares no required environment variables, no credentials, and no system config paths. The code does not access environment variables or secrets. This is proportionate to the skill's functionality.
- Persistence & Privilege
- ok: The skill does not request always:true, does not modify other skills, and has no installation behavior that attempts to persist credentials or modify global agent settings. It is user-invocable only (default).
