ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

sanxin_form_filler1

v1.0.0

智能申报表填写工具。将申报报告内容智能填入申请表对应位置,保持原文档格式,新内容格式统一。适用于各类 Word 表格申请表自动填写。

0· 180·0 current·0 all-time
by@fanqing203

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for fanqing203/sanxin.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "sanxin_form_filler1" (fanqing203/sanxin) from ClawHub.
Skill page: https://clawhub.ai/fanqing203/sanxin
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install sanxin

ClawHub CLI

Package manager switcher

npx clawhub@latest install sanxin
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The description and SKILL.md state the tool will '智能' (automatically) map申报报告 contents into the application form. However, the runtime code (scripts/form_filler.py and example_usage.py) does not read or parse source_doc to extract sections — it only accepts a pre-built content_map provided by the caller. That is a functional mismatch: the skill advertises automatic extraction/mapping but the implementation requires manual mapping.
!
Instruction Scope
Instructions and docs indicate use of win32com to read Word structure and 'recognize each chapter', but the actual code only opens a form_doc, iterates table rows, and inserts text from content_map. The code does open and save Word documents (doc = word.Documents.Open(form_doc); doc.SaveAs2(...)), and sets word.Visible = True. While it does not perform network calls, opening Word documents may trigger macros, external templates, or OLE content in the documents — the skill does not mention sanitizing or disabling macros.
Install Mechanism
No install spec in the registry, but SKILL.md suggests pip install pywin32. That is a standard dependency for Windows Word automation and not inherently risky. There are no downloads from untrusted URLs and no archive extraction directives.
Credentials
The skill requests no environment variables, no credentials, and no config paths — this matches the stated local-file Word automation use-case.
Persistence & Privilege
always:false and no indication the skill modifies other skills or system-wide agent settings. It runs as an on-demand script and does not request elevated or persistent platform privileges.
What to consider before installing
Key things to consider before installing or running: 1) Functional mismatch: the skill claims automatic extraction from a report but the provided code does not parse source_doc — you must supply content_map manually or implement extraction yourself. 2) Windows-only: it relies on pywin32 and Microsoft Word/WPS; it won't work on Linux/macOS. 3) Safety: Word automation can execute macros or load remote templates; do not run this on untrusted documents and test only on copies. 4) Inspect code: review scripts/form_filler.py to confirm behavior and add protections (disable macros, open in protected view, or sanitize input) if you plan to run it on real reports. 5) If you need genuine automatic extraction, request or implement a parser that reads source_doc and builds content_map — as-is the skill does not provide that. If you are comfortable with these limitations and will run on trusted files/copies, the code itself performs only local file I/O and Word automation (no network exfiltration found).

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📝 Clawdis
Binspython
latestvk97acn6prs4ttq7715093ea5ns837g4y
180downloads
0stars
1versions
Updated 20h ago
v1.0.0
MIT-0
@fanqing203
latest
Download

Form Filler - 智能申报表填写工具

功能说明

将申报报告内容智能填入申请表对应位置:

  • 自动识别申请表表格结构
  • 将申报报告各章节内容匹配到对应位置
  • 保持原文档格式不变
  • 新内容格式统一(宋体、小四、黑色、无下划线、不加粗)
  • 自动调整表格行高,避免内容被遮挡

使用场景

  • 医疗新技术申报表
  • 科研项目申报表
  • 各类 Word 表格申请表

使用方法

基本用法

请帮我填写申报表:
- 申报报告:C:\path\to\申报报告.docx
- 申请表:C:\path\to\空表申报表.doc

指定格式

请帮我填写申报表,格式要求:
- 字体:宋体
- 字号:小四
- 颜色:黑色
- 无下划线、不加粗

技术要点

1. 读取文档结构

  • 使用 win32com 读取 Word 表格结构
  • 识别每个章节的行号位置
  • 保留原有标题

2. 内容填写

  • 在标题后插入内容
  • 不覆盖原有标题
  • 处理控制字符(\x07)

3. 格式控制

  • 标题和内容分开设置格式
  • 使用 Range 对象精确控制格式范围

4. 表格调整

  • 设置行高为自动(HeightRule = 0)
  • 允许跨页(AllowBreakAcrossPages = True)

关键问题解决

问题1:原有格式被改变

解决方案:将标题和内容分开处理,只对新内容设置格式

问题2:内容被表格遮挡

解决方案:设置表格行高为自动

问题3:出现控制字符 x0007

解决方案:清理文本中的控制字符 \x07

问题4:项目名称位置

解决方案:查找"新技术新项目名称:"后插入

注意事项

  1. 确保原始空表格式正确
  2. 内容不要过长,避免表格过度扩展
  3. 填写后建议手动检查格式
  4. Windows 系统需要安装 pywin32

示例

用户:帮我填写申报表:
- 申报报告:C:\Users\xxx\Downloads\申报报告.docx  
- 申请表:C:\Users\xxx\Desktop\空表申报表.doc

助手:我来帮你填写...
[执行填写脚本]
已完成!保存到:申报表_已填写.docx

依赖

  • Python 3.x
  • pywin32 (pip install pywin32)
  • Microsoft Word 或 WPS

Comments

Loading comments...