Docx Template Strict
PassAudited by ClawScan on May 7, 2026.
Overview
This appears to be a straightforward local DOCX template-filling skill with no evidence of network access, credential use, persistence, or hidden behavior.
This skill is reasonable to install if you want local DOCX template filling. Before running it, verify the template, data JSON, image paths, and output path are the ones you intend, and only install any missing Python dependency from a trusted source.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The script can read the selected template, data JSON, and image files, then create or replace the specified output DOCX.
The documented use runs a bundled local Python script. This is expected for the skill's DOCX-processing purpose, but users should understand it executes code against local files they provide.
python3 ~/.openclaw/skills/docx-template-strict/scripts/fill_template.py --template "/path/to/template.docx" --out "/path/to/output.docx" --data "/path/to/data.json"
Run it only on intended local files and choose an output path where replacement is acceptable.
If lxml is not already available, the skill may fail or the user may need to install a Python dependency separately.
The script depends on the lxml Python package while the provided install metadata declares no install spec or required binaries. This is a dependency clarity note, not evidence of hidden installation or unsafe behavior.
from lxml import etree
If a dependency must be installed, obtain it from a trusted package source and avoid running unreviewed substitute code.