PDF转Word
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may be safe if the local converter service is trusted, but the provided package does not prove what that service actually does.
The skill depends on a local doc-converter project that is not included in the provided files, so its code and dependency provenance cannot be reviewed here.
PDF 转 Word 转换技能,基于 doc-converter 项目实现。... /home/vei/.openclaw/workspace/doc-converter/
Use only with a trusted local doc-converter installation, and inspect or publish the referenced service code and install requirements.
If the service is reachable by other local processes or exposed on a network, others could potentially call conversion or history endpoints.
The documented local API has no authentication and includes file upload, download, history, and delete endpoints. This is common for localhost tools, but it should not be exposed beyond the intended local user.
- **Base URL**: `http://localhost:3000/api/v1` - **认证**: 无 ... 无需认证,所有接口均可直接调用。
Keep the service bound to localhost, firewall it from other users/networks, and require user confirmation before uploads, deletes, or history access.
Sensitive documents may remain in local storage or conversion history after the conversion completes.
Uploaded PDFs and converted outputs are stored locally and tracked in task/file records until expiration, which matters because PDFs may contain sensitive content.
File 记录创建,文件存储到 storage ... 字段 ... storagePath ... expiresAt
Avoid uploading highly sensitive PDFs unless you trust the local storage, and provide or use cleanup controls for old files and task history.