skills/wulaosiji/skills/document-hub/Gen Agent Trust Hub

document-hub

Warn

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The DocumentHub class in document_hub.py uses importlib.util to dynamically load and execute code from sibling directories (feishu-doc-creator and feishu-doc-converter). Dynamic loading from computed paths is a significant security risk if the filesystem is compromised.
  • [COMMAND_EXECUTION]: The skill invokes system-level binaries via subprocess.run to perform essential tasks. This includes using ffmpeg for audio/video extraction and soffice (LibreOffice) for converting Word documents to PDF. The use of hardcoded absolute paths in examples.py and document_hub.py (e.g., /Users/delta/.openclaw/workspace) exposes specific details about the developer's local environment.
  • [EXTERNAL_DOWNLOADS]: The check_deps.py script facilitates the installation of third-party Python libraries using pip. While it prompts for user confirmation and targets well-known packages like pandas and moviepy, it provides a mechanism for downloading and executing external code at runtime.
  • [PROMPT_INJECTION]: The skill processes complex, attacker-controllable file formats (PDF, Word, Excel) and converts their content into text for the agent. This constitutes an indirect prompt injection surface where malicious instructions could be embedded in documents to influence agent behavior.
      • Ingestion points: document_hub.py through the read() method.
      • Boundary markers: None.
      • Capability inventory: The skill possesses high-privilege capabilities including subprocess execution, filesystem writes, and network-based uploads via Feishu.
      • Sanitization: No sanitization is performed on the content of processed documents before it is handed to the LLM.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 8, 2026, 02:25 AM