gongwen-writer
v1.4.0政府公文格式文档生成器。支持所有常见文档格式输入(.md .txt .docx .pdf .html .rtf),输出符合国家标准的.docx公文格式。使用场景:产业调研报告、政策分析报告、工作报告等需要严格按照政府公文格式排版的文档。
⭐ 0· 88·0 current·0 all-time
by@wisink
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (government doc .docx formatting) matches the included SKILL.md and the conversion script. The code paths and reference docs describe expected Word/OOXML manipulations (python-docx, XML patching for even/odd footers) that are appropriate for the stated goal. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions only tell the agent to run the provided convert.py on local input files (md, txt, docx, pdf, html, rtf) and produce a .docx. The SKILL.md asks the agent to refer to SKILL_DIR for the script — no instructions direct reading of unrelated host files, environment variables, or transmitting data to external endpoints.
Install Mechanism
There is no install spec (instruction-only skill with one included script). The script relies on common Python libraries (docx, pdfminer.six, BeautifulSoup, striprtf) but does not pull arbitrary remote code during install. This is a low-risk installation surface; the package dependencies should be installed from normal package indexes by the operator if needed.
Credentials
The skill declares no required environment variables, credentials, or config paths. The behavior described (local file parsing and Word XML manipulation) does not require additional secrets, so requested privileges are proportionate.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent system presence or to modify other skills. The script writes only the output .docx and (by description) patches internal docx XML — these are expected for the functionality and do not imply elevated platform privileges.
Assessment
This skill appears to do what it says: convert local documents into a government-style .docx using python-docx and some XML patching. Before installing/using: (1) review and install required Python packages (python-docx, pdfminer.six, beautifulsoup4, striprtf or equivalents) in a controlled environment; (2) inspect the remainder of scripts/convert.py (the provided file was partially truncated in the review) to confirm there are no network calls, subprocess.exec/os.system calls, or attempts to read unrelated filesystem locations; (3) run conversions on non-sensitive test documents first to verify formatting and that content isn't unintentionally modified (the script performs aggressive punctuation/format cleanup and will remove bold/links and certain characters); (4) keep originals backed up; and (5) run in an isolated environment (virtualenv or container) if you have security concerns. If you want, I can scan the remainder of convert.py (the truncated portion) for unexpected behavior or network access.Like a lobster shell, security has layers — review code before you run it.
latestvk976bg5yqk1j2ea1m8jmkhq9vh83c1j9
License
MIT-0
Free to use, modify, and redistribute. No attribution required.