Office Generator Py

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: office-generator-py
Version: 1.0.0

The skill bundle is a legitimate utility for generating Word, Excel, and PowerPoint documents using standard Python libraries (python-docx, openpyxl, python-pptx). The code is well-structured, utilizes Pydantic for input validation, and follows safe subprocess execution patterns by passing arguments as lists rather than shell strings. While the generators allow including local images via file paths (e.g., in docx_generator.py and pptx_generator.py), this is a standard feature for document creation and the underlying libraries would typically fail if non-image sensitive files were targeted. No evidence of data exfiltration, persistence, or malicious prompt injection was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill runs local Python scripts on your machine to install dependencies and generate files.

Why it was flagged

The skill explicitly asks the user/agent to run bundled Python setup code. This is expected for a Python-based Office generator, but it means use of the skill executes local code.

Skill content

Install Python dependencies into the bundled virtualenv:

```bash
python3 skills/office-generator-py/scripts/setup_engine.py
```

Recommendation

Run it only from a trusted copy of the skill, preferably as a normal user in an isolated environment.

What this means

Future installs could pull different dependency versions than the author tested, which slightly increases supply-chain and reproducibility risk.

Why it was flagged

The dependency list uses package names without pinned versions, so first-run setup will resolve whatever versions are current from the package source at install time.

Skill content

```
python-docx
docxtpl
openpyxl
XlsxWriter
python-pptx
pydantic
```

Recommendation

If using in a sensitive environment, pin and review dependency versions or install from a trusted package mirror.