Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Docx

v1.0.0

Comprehensive document creation, editing, and analysis with support for tracked changes, comments, formatting preservation, and text extraction. When Claude...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Files and scripts (unpack/pack/validation and OOXML validators) align with a document-authoring/validation skill; the included code implements the expected capabilities (text extraction, raw XML access, tracked-changes handling). However, the metadata declares no required binaries or environment, yet SKILL.md and the scripts rely on external tools (pandoc, Node/npm docx, soffice/LibreOffice, Python with lxml/defusedxml). The absence of declared runtime dependencies is an inconsistency.
Instruction Scope
SKILL.md explicitly instructs the agent to run local Python scripts (ooxml/scripts/unpack.py, pack.py, validate.py) and to use pandoc and docx-js (Node) for some flows. It also mandates reading long local docs entirely (docx-js.md, ooxml.md). The instructions do not request or transmit data to external endpoints, nor do they reference unrelated system paths or credentials. The main concern is that the instructions assume external programs and node modules that are not listed as required, and they instruct broad file read/modify operations on .docx unpacked directories which should be run carefully and ideally in a sandbox.
Install Mechanism
This is an instruction-plus-code bundle with no install spec. No network downloads or external installer URLs are used; the scripts are included in the skill itself. That reduces supply-chain risk compared with arbitrary download-based installs. However, the included Python scripts will be executed, so the absence of an install step only lowers install-time risk, not the runtime risk of executing the provided code.
Credentials
The skill declares no environment variables or credentials (which is appropriate), but it implicitly requires system binaries and libraries (python, pandoc, Node/npm with docx package, and optionally soffice/LibreOffice and lxml/defusedxml). Those runtime requirements are not declared in requires.* metadata. Also LICENSE.txt claims Anthropic ownership and additional restrictions; the repo owner ID does not clearly match Anthropic. That licensing/ownership mismatch is notable and should be clarified before use.
Persistence & Privilege
No special persistence or always:true privilege is requested. The skill does not declare any system-wide config changes. It contains scripts that operate on local unpacked document directories but does not attempt to modify other skills or system agent configuration.
What to consider before installing
What to check before installing or running this skill:

- Confirm provenance and license: LICENSE.txt claims Anthropic, but the skill source and owner metadata are 'unknown' — verify you have the right to use these materials under the stated license before proceeding.
- Environment requirements: SKILL.md and the scripts expect Python (with lxml and defusedxml), pandoc, Node/npm and the 'docx' Node package, and optionally LibreOffice/soffice for validation. Those are not listed in the skill metadata; install and run the skill only after you provision these tools in a controlled environment.
- Run in a sandbox: The scripts unpack, modify, and repack Office files on disk. Test on non-sensitive sample documents in an isolated environment first.
- Review the code yourself or with a developer: The included Python scripts call subprocess.run (soffice) and perform filesystem I/O — while no network/exfiltration was found, you should audit any code before giving it access to important documents.
- If you need automatic agent invocation: the skill can be invoked autonomously by the agent (default), but that is not flagged here — if you plan to allow autonomous runs, be cautious since the skill will read and modify .docx content when invoked.

If you want, I can list the exact external binaries/libraries the SKILL.md and scripts require and suggest a minimal sandbox command sequence to test the skill safely.
