ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

DocHub

v1.4.0

All-in-one document management: batch convert to Markdown, auto-categorize, full-text search, and intelligent output. 全能文档管理技能,整合文档生命周期管理与智能检索。 Trigger: init...

0· 158·0 current·0 all-time
byjuanfenglong@longjf25

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for longjf25/dochub.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "DocHub" (longjf25/dochub) from ClawHub.
Skill page: https://clawhub.ai/longjf25/dochub
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install dochub

ClawHub CLI

Package manager switcher

npx clawhub@latest install dochub
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The name/description promise local conversion and knowledge-base generation, which the included scripts implement; however there are mismatches: the SKILL.md states all original documents will be moved into workspace/raw/, but init.step1 only collects and moves directories (it explicitly skips top-level files), so individual files at the workspace root may be ignored. Also requirements.txt includes libraries for PDF/XLS legacy handling (pdfplumber, xlrd, pywin32) despite the skill claiming it only supports .docx/.xlsx—this is disproportionate to the stated narrow format support and may indicate leftover code or scope creep.
!
Instruction Scope
SKILL.md instructs interactive safety confirmation and moving/renaming original documents, which the scripts perform. But the implementation differs: init.py moves directories only (not files), normalize_names renames many filesystem entries, and convert scripts spawn subprocesses to run markitdown. The code will modify filesystem structure (move/rename directories and files) and can operate non-interactively via --yes/--force flags, so automated runs could change many files if invoked without caution. There are no instructions or code that exfiltrate data or call external network endpoints, but external dependencies (markitdown) are executed as a Python module and could contain network behavior—this is not visible here.
Install Mechanism
No install spec is present (instruction-only), so nothing is downloaded by default. A requirements.txt is included, meaning a developer/operator might pip-install the listed packages; those packages come from PyPI (markitdown required). The skill executes markitdown via 'python -m markitdown' which will run whatever markitdown is installed in the environment—verify that package before installing. No suspicious download URLs or extract operations are present.
!
Credentials
The SKILL metadata declares no required environment variables, but the code checks WORKBUDDY_WORKSPACE to determine the workspace path. That undeclared env var is used to change which files are processed. No sensitive credentials are requested, but reliance on an undocumented env var is an incoherence and could cause the skill to operate on an unexpected directory. Other environment usage is limited to standard Python execution and subprocess invocation.
Persistence & Privilege
The skill does not request permanent always-enabled status and does not modify other skills or global agent configuration. Its main privileges are filesystem changes within the determined workspace (moving and renaming files), which are consistent with a document-management tool's needs.
What to consider before installing
This skill is a local document conversion/indexer and will move and rename items inside your workspace and execute local Python modules (including markitdown). Before installing or running: 1) Back up your workspace (scripts will move and rename files). 2) Note WORKBUDDY_WORKSPACE is read by the code but not declared—ensure this env var is set deliberately or tests run from a safe test directory. 3) Review and, if needed, run the scripts on a small sample to confirm they move the files you expect (init.step1 moves directories only; single files at workspace root may be skipped). 4) Inspect/verify the markitdown package you will install (pip install) since the conversion step runs it as 'python -m markitdown'. 5) If you need non-interactive automation, be aware of --yes/--force/--skip-conflict flags which bypass interactive confirmations (including desensitization confirmation). 6) If anything seems unexpected (extra libraries for PDF/XLS support, broad renaming behavior), ask the publisher for clarification or run in an isolated environment first.

Like a lobster shell, security has layers — review code before you run it.

docsvk97dgpc06fjr4xx4emebaawcr984h9fbknowledge-basevk97dgpc06fjr4xx4emebaawcr984h9fblatestvk97dgpc06fjr4xx4emebaawcr984h9fbmarkdownvk97dgpc06fjr4xx4emebaawcr984h9fb
158downloads
0stars
6versions
Updated 2w ago
v1.4.0
MIT-0
juanfenglong@longjf25
docsknowledge-baselatestmarkdown
Download

dochub / 文档工作台

技能简介

dochub 是一个专业的文档知识库管理技能,负责将原始文档初始化为标准 Markdown 格式,提供专业的知识库文档概要与索引,并能根据检索内容分析、汇总并回复用户问题。

支持的文档格式

格式状态说明
.docx✅ 支持Word 现代格式
.xlsx✅ 支持Excel 现代格式
.doc / .xls / .pdf / .pptx / 其他❌ 不支持请先转换为 .docx 或 .xlsx

注意:dochub 仅支持处理 .docx 和 .xlsx 两种格式,其他格式文档将被跳过并提示用户。

核心功能

1. 初始化(init)

将工作区原始文档转换为标准知识库格式:

原始文档 → raw/ → 安全确认 → 检测不支持的格式 → MD转换(.docx/.xlsx) → 生成知识库概要与索引

步骤说明:

  1. 安全确认:询问用户文档是否已脱敏(不含敏感个人信息、机密数据等),必须确认后才继续
  2. 移动原始文档:将所有原始文档统一移动到工作区根目录 raw/ 文件夹
  3. 文件名规范化:只保留中文、英文、数字及中横线 -,其余字符统一替换为 -
  4. 检测不支持的格式:扫描非 .docx/.xlsx 文件,如发现则列出并提示用户这些文件将被跳过
  5. MD 文档转换:使用 markitdown 按原目录结构转换为 MD 文档
    • 仅支持格式:.docx, .xlsx
    • 转换前检查目标文件是否存在
    • 首次存在时询问用户选择「跳过」或「覆盖」,后续自动应用该选择
  6. 生成知识库概要与索引:生成 _docs_knowledge_base.md,包含:
    • 文档统计概览(总数、大小、分类数)
    • 分类目录树(可视化结构)
    • 高频关键词标签云
    • 文档详细索引(按分类组织的文件清单)

2. 增量更新

将新文档放入 update/ 目录后,运行增量更新:

  • 安全确认:同样需要先确认文档已脱敏
  • 检测新增/变更文档
  • 检测不支持的格式:列出非 .docx/.xlsx 文件并提示跳过
  • 仅转换未转换或已修改的文件
  • 更新知识库概要与索引

3. 检索与问答

支持以下检索方式:

  • 全文检索:在 MD 文档中搜索关键词
  • 分类检索:按文档分类查找
  • 语义问答:基于文档内容回答用户问题

使用方式

初始化知识库

使用 dochub 技能,初始化文档知识库

或指定工作区:

使用 dochub 技能,初始化 [指定路径] 的文档知识库

增量更新

使用 dochub 技能,增量更新文档

检索文档

使用 dochub 技能,检索 [关键词]

问答

使用 dochub 技能,回答:[问题]

目录结构

workspace/
├── raw/                        # 原始文档存放目录
├── _docs_md/                   # MD 文档输出目录
├── _docs_knowledge_base.md     # 知识库概要与索引(合并文档)
└── update/                     # 增量更新目录

依赖工具

  • markitdown 0.1.5+:MD 转换核心工具
  • python-docx:Word 文档处理
  • openpyxl:Excel 文档处理

注意事项

  1. 格式限制:dochub 仅支持 .docx 和 .xlsx 格式,其他格式(.doc/.xls/.pdf/.pptx 等)将被跳过并提示用户
  2. 安全确认:每次初始化或增量更新前,必须确认文档已脱敏
  3. 备份原始文档:初始化会修改文件名和目录结构,建议提前备份
  4. 跳过/覆盖选择:首次遇到重复文件时会询问,后续自动应用该选择
  5. 原始文档保留:转换后保留原始文档作为备份

Comments

Loading comments...