Word
Security checks across malware telemetry and agentic risk
Overview
This is a coherent macOS Word automation guide; it can change live Word documents and keep local notes, but the artifacts disclose those behaviors and add confirmation guardrails.
Install only if you want an agent to control live Microsoft Word on macOS. Before allowing edits, review actions, exports, or closing documents, confirm the exact document, scope, and whether a backup or copy exists. Keep the ~/word memory files free of confidential text, secrets, and personal information.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the skill could make broad document changes, remove review history, overwrite exports, or close work without saving.
These are high-impact Word actions that can alter or lose user document work. The checklist frames them as risky and requires preflight checks, so this is disclosed and purpose-aligned rather than hidden behavior.
- accept all changes - reject all changes - delete comments in bulk - close without save - overwrite export targets - replace text across the whole document
Use the documented preflight checklist, confirm the exact document and scope, and require explicit user approval before destructive or document-wide changes.
Document paths, workflow preferences, and recurring document metadata may persist across future tasks.
The skill maintains persistent local notes about Word automation context. The artifacts bound this to local storage and instruct that notes be non-sensitive.
Memory lives in `~/word/`... `document-notes.md` # Non-sensitive notes about trusted documents, views, and export targets
Keep ~/word notes limited to non-sensitive paths and preferences, and avoid storing document body text, secrets, personal information, or confidential review content.
Future Word-related tasks may automatically be routed to this skill based on persistent workspace guidance.
This suggests a persistent routing instruction for future agent behavior. It is narrow and purpose-aligned, but users should keep it scoped so it does not over-route unrelated document tasks.
Add a short note to your workspace memory or AGENTS guidance saying that Word Desktop tasks should route to `word` when the job depends on the live app session.
If adding workspace guidance, make it specific to live Word sessions and review it periodically to ensure it still matches user preferences.