Markdown to Word (.docx) Converter
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a straightforward Markdown-to-Word converter, with the main caveat that it may install and run local document-rendering tools.
Before installing, be comfortable letting the agent read the specific Markdown/template files you choose and write the requested .docx output. Approve any pip/npm/global package installation first, and use trusted local dependencies and input files.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing these dependencies can add third-party code to the user's Python/npm environment, and the global npm install may affect more than this one skill.
The skill asks for Python and global npm dependencies that are not declared in an install spec. This is expected for generating .docx files and Mermaid diagrams, but it relies on package registry code and can modify the local development environment.
pip3 install python-docx npm list -g @mermaid-js/mermaid-cli 2>/dev/null || npm install -g @mermaid-js/mermaid-cli
Approve dependency installation explicitly, prefer a virtual environment where possible, and consider pinning or reviewing package versions before global installation.
The agent may run local conversion commands and renderers on the files you provide, which can create output files and possibly intermediate converted files.
The skill discloses that conversion may invoke local renderer/converter programs. This is consistent with the document-conversion purpose, but users should understand that local tools will process the selected Markdown and template files.
Render Mermaid diagrams to PNG via `mmdc` (mermaid-cli) and embed them as images ... On macOS, `.doc` templates are converted via the built-in `textutil`. On Linux, LibreOffice is used as fallback.
Use trusted Markdown/template files, confirm input and output paths, and ensure mmdc, Chrome, LibreOffice, or textutil are installed from trusted sources.