Security Scan
OpenClaw
Suspicious
Medium confidence: The skill's stated purpose (working with .xlsx files) matches its runtime commands, but the SKILL.md instructs the agent to download-and-execute an installer from a remote GitHub URL (no install spec in metadata), which is disproportionate and raises a non-trivial supply-chain and execution risk.
Assessment Recommendations
This skill appears to do what it says (xlsx editing) but instructs the agent to download-and-run an installer from a remote GitHub URL — a risky supply-chain action. Before installing or allowing autonomous use: 1) Inspect the installer script at https://raw.githubusercontent.com/iOfficeAI/OfficeCli/main/install.sh manually (do not run it blind). 2) Prefer an install method with signed releases or checksums (GitHub releases with checksums) or use a vetted package from your OS package manager. 3) ...
ℹ Purpose and Capabilities
Name/description align with the CLI usage shown: all commands operate on .xlsx workbooks and related artifacts. However, the package metadata contains no install specification even though the runtime instructions mandate installing a third-party 'officecli' binary — that mismatch (instructions expect a network-installed binary not declared in the registry metadata) is noteworthy.
⚠ Instruction Scope
SKILL.md tells the agent to run shell commands that download and execute a remote install script (curl | bash) and to call GitHub APIs. It also exposes a 'raw-set' XML escape hatch that allows arbitrary XML modifications. These are within spreadsheet manipulation functionally, but downloading/executing remote scripts and providing a raw XML write path significantly expands what the agent will do beyond simple file parsing/editing and could be abused to run arbitrary code or alter system state.
⚠ Installation Mechanism
No formal install spec is registered, yet the instructions require fetching https://raw.githubusercontent.com/iOfficeAI/OfficeCli/main/install.sh and executing it. This is a high-risk pattern (remote script download-and-execute) because the script's contents are not provided, there is no checksum or signature, and the source 'iOfficeAI/OfficeCli' is not verified in the registry metadata.
✓ Credential Requirements
The skill does not request environment variables, credentials, or config paths. All declared operations relate to spreadsheet files and local CLI commands, so requested secrets/access are proportional to the stated purpose.
ℹ Persistence and Permissions
always:false and no system-level modifications are declared. However, the agent is allowed to invoke the skill autonomously (default) and the instructions include installing/upgrading a CLI from the network — combining autonomous invocation with automatic remote installer execution increases blast radius if the installer or upstream repo is compromised.
Security is layered; review the code before running it.
Runtime Dependencies
No special dependencies
Version
latest: v1.0.2 (2026/3/30)
- Added detailed documentation files: creating.md (for creating spreadsheets) and editing.md (for editing existing workbooks).
- Quick Reference section now links directly to these new guides for easier access to task-specific instructions.
● Suspicious
Install Command
Official: npx clawhub@latest install officecli-xlsx
Mirror (accelerated): npx clawhub@latest install officecli-xlsx --registry https://cn.longxiaskill.com