Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Word Converter
v0.2.0
Universal Word document converter powered by MinerU API. Convert .docx and .doc files to Markdown, HTML, LaTeX, DOCX, or JSON using mineru-open-api CLI. Supp...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description align with the instructions to use the mineru-open-api CLI to convert Word files. However, the SKILL.md references a required token for certain operations but the skill metadata declares no credentials or env vars. The description also mentions 'Word to PDF' but the supported conversions table and commands do not show PDF as an output — that's an unexplained mismatch.
Instruction Scope
Instructions tell the agent to run npm install -g mineru-open-api and invoke mineru-open-api commands that operate on user-specified files and write output under the user's home directory. The workflow does not instruct how to supply the 'token' (no environment variable name, no config file path, no auth flow), leaving ambiguity about where credentials come from. Otherwise, the commands are narrowly scoped to file conversion and output directories and do not attempt to access unrelated system state.
Install Mechanism
The SKILL.md recommends a global npm install (npm install -g mineru-open-api). That is a common but higher-risk install mechanism than a pure instruction-only skill because npm packages can run arbitrary postinstall scripts and will place binaries on the system. There is no install spec in the registry metadata; installation is advisory rather than automatic. This is expected for a CLI-based skill but worth attention.
Credentials
The instructions explicitly say some operations are 'token required' but the skill declares no required environment variables, no primary credential, and provides no guidance on how the token is supplied or stored. This mismatch is disproportionate: a conversion skill that needs an API token should declare how it obtains that token (env var name, config file, or interactive prompt).
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence or modify other skills. It is user-invocable and allows agent invocation (the platform default). There is no indication it tries to change global agent settings or retain permanent presence beyond advising a global npm install.
What to consider before installing
Before installing or running this skill:
1) Verify the npm package 'mineru-open-api' on the npm registry (source code, maintainers, popularity, and postinstall scripts) because global npm installs can execute code during installation.
2) Ask the skill author or documentation how the MinerU API token is supplied (environment variable name, config file, or interactive login). Do not provide credentials until you understand where they are stored and who can read them.
3) Confirm whether PDF output is actually supported (the description mentions PDF but the supported conversion list does not).
4) Prefer installing the CLI in a sandbox or container (or using a local/non-global install) if you want to minimize system-wide risk.
5) If you need more assurance, request the package's homepage/source repository or a published release URL to review before use.
Like a lobster shell, security has layers — review code before you run it.
