← Back to Skills Marketplace
421
Downloads
0
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install encrypted-file-reader
Description
读取本地授权访问的加密及受保护文本、Word和Excel文件内容,支持企业安全策略环境下的合法文件读取。
README (SKILL.md)
encrypted-file-reader
读取本地加密/受保护的文件内容,支持企业安全策略环境。
功能
- 读取文本文件(.txt, .md, .java, .py, .js 等)
- 读取 Word 文档(.docx)
- 读取 Excel 表格(.xlsx)
- 自动处理特殊编码文件的解码问题
- 支持企业安全策略环境下的文件读取
- 适用于通过授权应用程序可访问的加密文件
使用方法
通过 Python 脚本调用
python D:\ai\skills\encrypted-file-reader\read_file.py \x3C文件路径>
示例
# 读取文本文件
python D:\ai\skills\encrypted-file-reader\read_file.py E:\data est.txt
# 读取 Word 文档
python D:\ai\skills\encrypted-file-reader\read_file.py E:\data est.docx
# 读取 Excel 表格
python D:\ai\skills\encrypted-file-reader\read_file.py E:\data est.xlsx
支持的扩展名
- 文本类: .txt, .md, .markdown, .rst, .log, .csv, .tsv
- 代码类: .java, .py, .js, .ts, .jsx, .tsx, .c, .cpp, .h, .cs, .go, .rs, .rb, .php, .vue
- 配置类: .json, .xml, .yaml, .yml, .toml, .ini, .cfg, .properties, .gradle, .config, .env
- 样式类: .html, .htm, .css, .scss, .sass, .less
- 脚本类: .sh, .bash, .bat, .cmd, .ps1, .sql
- Word 文档: .docx
- Excel 表格: .xlsx
输出
- 成功:输出文件内容(UTF-8 编码)
- 失败:输出错误信息
技术原理
- 文本文件: 直接读取二进制后用 UTF-8 解码
- Office 文件: 使用 zipfile 解压后提取 XML 中的文本内容
- 加密/受保护文件: 通过正确的字节处理方式处理通过授权应用程序可访问的文件内容
依赖
- Python 3.x
- 标准库(zipfile, re, sys, os)
注意事项
- 本工具仅读取用户有权限访问的本地文件
- 不支持绕过合法的文件访问控制
- 适用于企业环境中授权的文件读取场景
- 文件需要能通过系统授权的应用程序(如 Word、Excel)正常打开
法律说明
- 本工具仅用于读取用户有合法访问权限的本地文件
- 不支持绕过任何合法的文件访问控制或权限管理
- 用户应确保使用本工具符合所在组织的政策和法律法规
- 本工具通过正确的编码处理方式读取文件,不涉及破解或绕过加密
Usage Guidance
This skill appears to be a simple local reader that extracts text from plain files and Office .docx/.xlsx packages; it does not contact external endpoints or request secrets. Before installing or using it: (1) be aware it does NOT bypass password protection or decrypt truly encrypted Office files—password-protected/encrypted .docx/.xlsx will likely fail; (2) its text reader always decodes as UTF-8 despite claims of automatic encoding detection—files in other encodings may error; (3) because it reads arbitrary local files, avoid running it against highly sensitive data unless you trust the environment and have inspected the code (which is short and uses only standard libs); (4) if you need decryption of protected files, look for explicit support for Office encryption/passwords or official APIs rather than relying on this tool. If you want higher assurance, verify the referenced GitHub repository and run the script in a controlled environment with non-sensitive test files first.
Capability Analysis
Type: OpenClaw Skill
Name: encrypted-file-reader
Version: 1.0.0
The skill is classified as **suspicious**.
The `read_file.py` script, while ostensibly designed for reading various file types, includes a very extensive list of `TEXT_EXTENSIONS` that encompasses highly sensitive files such as `.env`, `.pem`, `.key`, `.crt`, `.ssh`, `.aws`, `.kubeconfig`, `.npmrc`, `.gitconfig`, `.bashrc`, `.history`, and many other configuration, credential, and log files. The script's primary function is to read the content of any specified local file and print it to standard output. While the skill's documentation (`SKILL.md`, `README.md`) explicitly states it "only reads local files the user has permission to access" and "does not bypass any legitimate file access control," the capability to read such a broad range of sensitive files, if invoked by an AI agent with elevated privileges or tricked by prompt injection, presents a significant data exfiltration risk. There is no explicit malicious intent (e.g., exfiltration to a remote server) within the code itself, but the broad file access capability makes it a high-risk vulnerability.
```json
{
"classification": "suspicious",
"summary": "The `read_file.py` script is designed to read local file content and includes an extremely broad list of `TEXT_EXTENSIONS` that covers many sensitive file types (e.g., .env, .pem, .key, .ssh, .aws, .history). While the code itself does not contain explicit data exfiltration logic or malicious commands,
Capability Assessment
Purpose & Capability
The name/description claim to read local (including protected) Office and text files. The shipped Python script reads text files, extracts XML from .docx and .xlsx ZIP packages, and uses only standard library modules—this matches the stated primary purpose. There are no unrelated environment variables, binaries, or services requested. The only mismatch: the description suggests handling 'encrypted/受保护' files accessible to authorized apps; the code does not implement decryption or password-unlocking of password-protected Office files and will fail on truly encrypted Office packages.
Instruction Scope
SKILL.md instructs running the included Python script on a local path, and provides examples; it does not instruct reading unrelated system files or exfiltrating data. Note: the documentation claims '自动处理特殊编码' (automatic handling of special encodings), but the implementation always decodes text files as UTF-8 only, so it may error on files in other encodings.
Install Mechanism
No install spec or remote downloads; the skill is instruction-only with a local Python script and standard-library dependencies. No network fetch or archive extraction during install—low installer risk.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The code uses only local file I/O and standard libraries—requested access is proportional to the stated purpose.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges. Autonomous invocation is allowed by default (disable-model-invocation is false) but that is normal; there is no evidence the skill modifies other skills or agent-wide settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install encrypted-file-reader - After installation, invoke the skill by name or use
/encrypted-file-reader - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release - Support reading 80+ text file formats, Word (.docx), and Excel (.xlsx) files. Compatible with enterprise security policy environments where files are accessible through authorized applications,just like lvdun(绿dun). Uses proper encoding handling without bypassing any encryption or access controls.
Metadata
Frequently Asked Questions
What is Encrypted File Reader?
读取本地授权访问的加密及受保护文本、Word和Excel文件内容,支持企业安全策略环境下的合法文件读取。 It is an AI Agent Skill for Claude Code / OpenClaw, with 421 downloads so far.
How do I install Encrypted File Reader?
Run "/install encrypted-file-reader" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Encrypted File Reader free?
Yes, Encrypted File Reader is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Encrypted File Reader support?
Encrypted File Reader is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Encrypted File Reader?
It is built and maintained by endcy (@endcy); the current version is v1.0.0.
More Skills