ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

superword

v1.0.0

Create, inspect, and edit Microsoft Word documents and DOCX files with reliable styles, numbering, tracked changes, tables, sections, and compatibility check...

0· 27·0 current·0 all-time
by@subaru0573
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (Word/DOCX editing, styles, numbering, tracked changes, layout) align with the SKILL.md guidance. The skill does not request unrelated binaries, env vars, or config paths. One odd stray fragment appears in the description (looks like garbage text) but that is a quality issue, not a scope mismatch.
Instruction Scope
The SKILL.md contains extensive, OOXML-aware guidelines that stay on-topic for creating, inspecting, and editing .docx files (references to document parts, styles, numbering, sections, tracked changes). It does not instruct reading unrelated system files or contacting external endpoints. Note: the file is truncated in the provided excerpt and contains a nonsensical insertion in the description — this suggests sloppy editing or automated generation and means the authoring quality is uncertain.
Install Mechanism
No install spec and no code files — lowest-risk instruction-only skill. Nothing is written to disk by the skill itself and no external packages or downloads are declared.
Credentials
The skill requires no environment variables, credentials, or config paths. That is proportionate for a purely instructional DOCX-editing skill.
Persistence & Privilege
always is false and the skill is user-invocable with normal autonomous invocation enabled. This is the platform default and is reasonable for this skill given its limited footprint.
Assessment
This skill appears coherent and low-risk: it only provides editing guidelines for .docx and asks for no installs or secrets. Before installing: (1) request the full, untruncated SKILL.md from the publisher to verify no missing instructions or networking calls; (2) confirm how your agent will handle document attachments (ensure it won't upload documents to external servers unless you expect that); (3) test the skill only with non-sensitive sample documents first (especially if .docm macros may be present); and (4) ask the publisher about which runtime libraries or tools (if any) the agent will use when executing these instructions. Also note the SKILL.md contains a stray garbage phrase — that reduces confidence in authoring quality but not in coherence.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f4xe96hwq8n47amjkar781n845ap0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📘 Clawdis
OSLinux · macOS · Windows

Comments