Csv Parser Local
v1.0.0Parse and generate RFC 4180 compliant CSV that works across tools.
⭐ 0· 146·1 current·1 all-time
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (RFC 4180 CSV parsing/generation) matches the SKILL.md content: guidance on quoting, delimiters, encoding, Excel quirks, etc. The skill requests no binaries, env vars, or installs — appropriate for a documentation/instruction-only skill. Minor inconsistency: the _meta.json ownerId ('kn73vp5r...') differs from the registry Owner ID ('kn7e537h...') listed in the package metadata; this is likely benign (typo or packaging mismatch) but worth verifying the source.
Instruction Scope
SKILL.md contains only parsing/generation guidance and best-practices for CSV handling. It does not instruct the agent to read arbitrary system files, access credentials, or transmit data externally. The instructions are focused and do not grant broad discretionary actions.
Install Mechanism
No install specification and no code files — instruction-only skill. Lowest-risk install profile because nothing is written to disk or fetched during install.
Credentials
Requires no environment variables, credentials, or config paths. Requested access is proportional (none) to the described functionality.
Persistence & Privilege
always:false and default autonomous invocation settings are used. The skill does not request permanent presence or elevated privileges; nothing in the package attempts to modify other skills or system-wide settings.
Assessment
This skill is instruction-only and appears internally consistent for CSV parsing/generation: safe to inspect and use. Before installing or trusting it: 1) verify the publisher/owner (the _meta.json ownerId differs from the registry Owner ID), 2) if you plan to run any code that uses these instructions, review that code (the skill itself contains no code), 3) avoid sending sensitive secrets or credentials as CSV content, and 4) test behavior on non-production/sample files first. If the publisher is unfamiliar, treat it as documentation rather than code and proceed cautiously.Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
📊 Clawdis
OSLinux · macOS · Windows
latest
Quoting Rules
- Fields containing comma, quote, or newline MUST be wrapped in double quotes
- Double quotes inside quoted fields escape as
""(two quotes), not backslash - Unquoted fields with leading/trailing spaces—some parsers trim, some don't; quote to preserve
- Empty field
,,vs empty string,"",—semantically different; be explicit
Delimiters
- CSV isn't always comma—detect
;(European Excel),\t(TSV),|in legacy systems - Excel exports use system locale delimiter; semicolon common in non-US regions
- Sniff delimiter from first line but verify—header might not contain special chars
Encoding
- UTF-8 BOM (
0xEF 0xBB 0xBF) breaks naive parsers but Excel needs it for UTF-8 detection - When generating for Excel on Windows: add BOM; for programmatic use: omit BOM
- Latin-1 vs UTF-8 ambiguity—explicitly declare or detect encoding before parsing
Common Parsing Failures
- Newlines inside quoted fields are valid—don't split on
\nbefore parsing - Unescaped quote in middle of field corrupts rest of file—validate early
- Trailing newline at EOF—some parsers create empty last row; strip or handle
- Inconsistent column count per row—validate all rows match header count
Numbers & Dates
1,234.56vs1.234,56—locale-dependent; standardize or document format- Dates: ISO 8601 (
2024-01-15) only unambiguous format;01/02/24is chaos - Leading zeros in numeric fields (
007)—quote to preserve or document as string
Excel Quirks
- Formula injection: fields starting with
=,+,-,@execute as formulas—prefix with'or tab - Long numbers (>15 digits) lose precision—quote and format as text
- Scientific notation triggered by
Ein numbers—quote if literal text needed
Comments
Loading comments...