Docx Editing

Security checks across malware telemetry and agentic risk

Overview

This is a transparent local Word-document editing skill whose main risk is accidental document changes, not hidden or malicious behavior.

Install only if you are comfortable running the pinned Safe-DOCX npm MCP server locally. Use copies or a new output path for important documents, verify the exact file before editing, keep the package version pinned, and avoid accepting tracked changes unless you intentionally want to remove revision markup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 85%
Finding: The workflow instructs the agent to perform read/locate/edit/save operations that modify user documents, but it does not explicitly require confirmation before destructive or state-changing actions. In agent contexts, this can lead to unintended edits or overwrites if the user asked for analysis or preview rather than mutation.

Missing User Warnings

Medium
Confidence: 95%
Finding: Accepting tracked changes permanently removes revision metadata and redline history, which is often important for legal, audit, or collaborative review workflows. Presenting accept_changes without a strong irreversibility warning increases the risk that an agent will destroy review evidence the user intended to preserve.

VirusTotal

66/66 vendors flagged this skill as clean.
