ClawHub

xlsx-skill

v1.0.0

Create, read, edit Excel spreadsheets (.xlsx, .xlsm, .csv). Supports formulas, formatting, charts, pivot tables, and data analysis with pandas.

0· 131·0 current·0 all-time
by@weaglewang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Excel read/write/analysis) matches the SKILL.md content (pandas, openpyxl, xlsxwriter examples). Minor mismatch: SKILL.md lists version 2.0.0 while registry metadata shows 1.0.0, and source/homepage are missing — these are provenance gaps but do not contradict functionality.
Instruction Scope
Runtime instructions are concrete Python examples that read/write .xlsx/.xlsm/.csv files and show formula/format/chart usage. The instructions do not ask the agent to read unrelated system files, secrets, or send data to external endpoints. They do recommend installing packages and optionally LibreOffice for PDF export.
Install Mechanism
No install spec in the registry (instruction-only). SKILL.md recommends pip installs (pandas, openpyxl, xlsxwriter) and optionally brew cask libreoffice. These are standard but carry normal supply-chain/system-install implications (untrusted PyPI packages or brew casks can be risky).
Credentials
The skill requests no environment variables, credentials, or config paths, which is proportionate for an offline spreadsheet-processing guide.
Persistence & Privilege
Skill is user-invocable, not always-enabled, and does not request persistent platform privileges or modify other skills. Autonomous invocation is allowed by default but not combined with other concerning requests.
Assessment
This skill is an instruction-only cookbook for using pandas/openpyxl and appears coherent with its description. Before installing or running the suggested commands: 1) prefer creating a Python virtual environment and pin package versions (pip install 'pandas==...' etc.) to reduce supply-chain risk; 2) inspect any packages you install from PyPI and avoid running code from unknown sources; 3) be cautious with .xlsm files (macros/VBA can be malicious) — SKILL.md lists .xlsm support but doesn't address macro handling; 4) note the provenance gap (no source/homepage and a version mismatch in SKILL.md), so treat this skill as community-contributed: if you need stronger assurance, ask the publisher for source code or a homepage, or run examples in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk971pnd3vpds1rbxv4c6swnmhd83cxbc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments