Skillv1.0.0

ClawScan security

Feihong Word Docx · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 27, 2026, 5:55 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only guide for DOCX/Word editing and its requirements and behavior are coherent with that purpose; nothing in the package requests unrelated credentials, installs, or system access.
Guidance: This skill is a content-first, OOXML-aware guide for working with .docx files and appears internally consistent. Before installing: (1) note the minor metadata/version mismatch in the package and confirm the source if that matters to you; (2) remember the skill itself has no code and does not upload files, but the agent or connectors you give file access to might — verify which tools/connectors will be used to open, edit, or transmit documents; (3) avoid giving external APIs or cloud storage credentials to the agent unless you trust the destination; and (4) if you require guarantees about not leaking document contents (sensitive/legal), review the agent's runtime logs and connector privacy controls before using this skill on confidential documents.
Findings: [no_code_files] expected: The regex-based scanner had no code files to analyze — this is expected for an instruction-only skill. Absence of findings is not proof of safety but is coherent here.

Purpose & Capability: noteThe name/description (Word / DOCX editing) matches the SKILL.md content which is a detailed, OOXML-aware set of rules for reading and editing .docx files. Minor metadata inconsistencies: registry metadata lists version 1.0.0 and ownerId kn7b4... while the included _meta.json and SKILL.md header show version 1.0.2 and ownerId kn73vp5... — likely clerical but worth noting.
Instruction Scope: okSKILL.md is focused on parsing and editing .docx OOXML parts, tracked changes, styles, numbering, and layout — all within the stated scope. It does not instruct reading unrelated system files, contacting external endpoints, or exfiltrating data. The guidance to inspect ZIP/XML parts and related Word parts is appropriate for the skill's purpose.
Install Mechanism: okNo install spec and no code files are present (instruction-only). This minimizes installation risk — nothing is downloaded or written to disk by the skill itself.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. There are no unexplained secrets requested and nothing disproportionate to a document-editing guide.
Persistence & Privilege: okalways is false and the skill is user-invocable; it does not request permanent presence or elevated platform privileges. Being instruction-only, it does not modify other skills or system settings.