Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Local File

Read, summarize, and search contents of local text, markdown, JSON, DOCX, and PDF files within authorized paths under 10MB.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 171 · 1 current installs · 1 all-time installs
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description promise: read, summarize, and search local text/markdown/JSON/DOCX/PDF under authorized paths and <10MB. The code implements text extraction for .txt/.md/.json/.docx/.pdf which aligns with the reading capability, but it does not implement 'summarize' or 'search' features. The presence of a hardcoded Windows path ('D:\个人') is author-specific and may be inappropriate for other users.
Instruction Scope
SKILL.md documents read/summarize/search commands and a 10MB file-size limit. index.js only reads and extracts text; it lacks any summarize or search logic and does not check file size. The code checks allowedRoots using a simple startsWith() test without normalizing/realpath resolution, which is a weak path restriction and could be bypassed or behave inconsistently across platforms.
Install Mechanism
There is no install spec (instruction-only style), which is low-risk for arbitrary downloads. package.json lists mammoth and pdf-parse as dependencies and package-lock.json is included. No install URLs or extract-from-URL steps are present.
Credentials
requires.env is empty in registry metadata and SKILL.md, but index.js reads process.env.OPENCLAW_WORKSPACE as an allowed root — an undeclared environment dependency. No credentials are requested, which is appropriate, but the undeclared env var and the hardcoded 'D:\个人' path are disproportionate/unexpected and should be declared and documented.
Persistence & Privilege
always is false and there are no install hooks or code that modifies agent/system configuration. The skill does not request persistent privileges beyond reading files when invoked.
What to consider before installing
This skill partially implements a local-file reader but has several mismatches with its documentation. Before installing or enabling it:

  • Ask the author to explain and remove or parameterize the hardcoded path 'D:\个人' (it appears author-specific).
  • Require the skill to declare OPENCLAW_WORKSPACE in its metadata if it depends on that env var.
  • Require the code to enforce the documented 10MB size limit and to implement (or remove) the summarize and search functionality described in SKILL.md.
  • Request path normalization and canonicalization (use path.resolve and fs.realpath) and stronger checks (not startsWith) to prevent accidental access outside allowed roots.
  • Audit npm dependencies (mammoth, pdf-parse) and consider running the skill in a sandboxed environment until the above fixes are made.

If the author cannot justify the hardcoded path and undeclared env usage or cannot implement the documented safeguards, treat this skill as unsafe to grant file access to.


Current version: v1.0.0
latest: vk971fcnn6d36gfaxafnkx40f8582hdem


SKILL.md

Local File Reader

Reads the contents of local files (supports .txt, .md, .json, .docx, .pdf, etc.)

Trigger conditions

The user mentions: reading a file, viewing a file, opening a file, or "read the xxx file"

Usage

  • Read: read <file path>
  • Summarize: summarize <file path>
  • Search: search <keyword> <file path>

Restrictions

  • Only the workspace and paths explicitly authorized by the user may be read
  • Large files (>10MB) are rejected

Files

4 total
