Docx Template Strict
PassAudited by VirusTotal on May 7, 2026.
Overview
Type: OpenClaw Skill Name: docx-template-strict Version: 1.0.0 The docx-template-strict skill is a utility for populating Word document templates while maintaining layout integrity. The core logic in scripts/fill_template.py uses zipfile and lxml to perform XML-based text and image replacement, which is consistent with its stated purpose. No indicators of data exfiltration, unauthorized execution, or malicious intent were found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The script can read the selected template, data JSON, and image files, then create or replace the specified output DOCX.
The documented use runs a bundled local Python script. This is expected for the skill's DOCX-processing purpose, but users should understand it executes code against local files they provide.
python3 ~/.openclaw/skills/docx-template-strict/scripts/fill_template.py --template "/path/to/template.docx" --out "/path/to/output.docx" --data "/path/to/data.json"
Run it only on intended local files and choose an output path where replacement is acceptable.
If lxml is not already available, the skill may fail or the user may need to install a Python dependency separately.
The script depends on the lxml Python package while the provided install metadata declares no install spec or required binaries. This is a dependency clarity note, not evidence of hidden installation or unsafe behavior.
from lxml import etree
If a dependency must be installed, obtain it from a trusted package source and avoid running unreviewed substitute code.