Skill v1.0.2

ClawScan security

Word Comments Extractor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 16, 2026, 1:54 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's files and runtime instructions match its stated purpose (extracting comments from .docx and having the agent polish them); it requires Word/pywin32 for page numbers and otherwise operates locally.
Guidance
This skill appears internally consistent and runs entirely on your machine, but before installing/using it consider:
1) Run it on Windows with Microsoft Word installed and install pywin32 as instructed.
2) Opening documents via the Word COM interface can cause Word to resolve external links or, in some document types, trigger macros; avoid running on untrusted documents or run inside a sandbox/VM.
3) The skill does not declare any network calls or credentials, but the agent will see the extracted comment text during polishing; if comments contain sensitive data, treat outputs and conversation history accordingly.
4) The package source/homepage is not authoritative in the metadata provided; if you require provenance, review the included script (extract_comments.py) yourself before running or request a skill with a verified upstream repository.

Review Dimensions

Purpose & Capability
ok
Name/description, SKILL.md, and the Python script all align: the script unpacks .docx, extracts comments and anchor text, and uses Word COM (pywin32) to obtain page numbers. Requiring Microsoft Word and pywin32 is coherent with the stated page-number matching capability.
Instruction Scope
note
Instructions are narrowly scoped: run the included script on a local .docx and then let the agent polish the resulting JSON. There are no references to external endpoints or unrelated files/credentials. Note: the script opens the document through Word COM, which can have side effects inherent to launching Word (e.g., Word may resolve external links or run embedded macros in certain formats). This is an operational risk of using Word automation rather than an inconsistency with the skill's purpose.
Install Mechanism
ok
No install spec beyond an instruction to pip-install pywin32 (a common Windows package for COM access). There are no downloads from arbitrary URLs or archive extraction beyond the .docx unpacking done locally by the script.
Credentials
ok
The skill requests no environment variables, no credentials, and no config paths. That is appropriate for a local document-processing tool that does not interact with cloud services.
Persistence & Privilege
ok
The skill is not forced-always, does not request elevated platform-wide persistence, and does not modify other skills' configs. It runs only when invoked.