100Critical
The skill uses external binaries and handles files without robust input
Behavior Analysis
Description verified — behavior matches claim
Claims to do
office-toolkit: 处理 Office 文档:Word(.docx)、Excel(.xlsx/.csv)、PPT(.pptx)、PDF。
Actually does
This skill processes local Word (.docx), Excel (.xlsx/.csv), PowerPoint (.pptx), and PDF files. It uses Python libraries (`python-docx`, `openpyxl`, `python-pptx`, `pypdf`) and external command-line tools (`pandoc`, `soffice` from LibreOffice) to read, create, edit, merge, split, and rotate these document types.
Skill Info
Nameaxelhu/openclaw-office-toolkit
Registryclawhub
Version1.0.0
PURLpkg:clawhub/axelhu/openclaw-office-toolkit@1.0.0
Downloads1,163
Installs2
Source
SHA-256572d8733350b...
SHA-1d1e6e27a8940...
MD5c58df9b21a0c...
TLSHf5b1f94dc9e1...
ssdeep96:RXMBgo12f...
Size5,512 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
ClawHubDocs
openclaw skills install axelhu/openclaw-office-toolkitAssessments (1)
AI Agent Traps ↗Shell command execution function detectedcriticalcommand execution
Shell command execution function detected
100% confidenceline 45
subprocess.run
Command Execution via Pandochighcommand execution
The skill uses `subprocess.run` to invoke the `pandoc` external binary. If the input filename is user-controlled, this could lead to command injection or arbitrary file reads, potentially exfiltrating sensitive data.
90% confidenceline 45
subprocess.run(['pandoc', '--track-changes=all', 'file.docx', '-t', 'markdown'])
Implied Command Execution via LibreOfficemediumcommand execution
The skill explicitly states the agent will use LibreOffice (`soffice`) for complex document handling and validation. Invoking this powerful external application with untrusted input could lead to command execution or resource abuse.
80% confidenceline 227
LibreOffice 路径:`soffice` 或 `libreoffice`(已安装)
Broad File System Access with Limited Validationlowdata exfiltration
The skill's core functionality involves reading and writing various document types. While a basic file existence check is mentioned, there's no explicit robust input validation or sandboxing for file paths, which could allow access to unintended files or directories.
70% confidenceline 228
收到文件路径时,先检查文件是否存在:`pathlib.Path(path).exists()`
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/clawhub/axelhu/openclaw-office-toolkit)HTML
<a href="https://mondoo.com/ai-agent-security/skills/clawhub/axelhu/openclaw-office-toolkit"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/axelhu/openclaw-office-toolkit.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/clawhub/axelhu/openclaw-office-toolkit.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow