MiniMax DOCX

Security checks across malware telemetry and agentic risk

Overview

This appears to be a coherent DOCX creation and editing skill, but it uses local setup scripts and .NET code execution that users should review before use.

Before installing, review the setup script and run it only if local .NET/OpenXML tooling is acceptable. When using the skill, confirm that DOCX output is desired, keep document input/output paths explicit, and use copies or validation/diff checks for important files.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI01: Agent Goal Hijack
Info
What this means

The agent may create or edit a DOCX when the user expected only ordinary text or drafting help.

Why it was flagged

This broad routing instruction can cause the agent to select the skill for many formal writing tasks; it is aligned with the DOCX purpose but users should confirm they want a Word-document workflow.

Skill content

MUST use this skill whenever the user wants to produce, modify, or format a Word document ... Even if the user doesn't mention "docx" explicitly, if the task implies a printable/formal document, use this skill.

Recommendation

Confirm the desired output format before invoking the skill for broad requests like reports, proposals, contracts, or formal documents.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Setup may install or configure local dependencies before the skill can be used.

Why it was flagged

The skill asks users to run a local setup script; this is normal for a .NET/OpenXML toolchain but is still an installation action worth reviewing.

Skill content

First time: `bash scripts/setup.sh` (or `powershell scripts/setup.ps1` on Windows, `--minimal` to skip optional deps).

Recommendation

Review the setup script first, prefer the minimal option if available, and run it only in an environment where local development dependencies are acceptable.

ASI05: Unexpected Code Execution
Low
What this means

Generated code can read and write local files within the working environment while producing or editing documents.

Why it was flagged

The skill intentionally supports generating and running C#/.NET scripts to manipulate DOCX files; this is central to its purpose but still constitutes local code execution.

Skill content

When the task requires structural document manipulation ... write C# directly ... `dotnet run --project scripts/dotnet/MiniMaxAIDocx.Cli -- run-script task.csx` ... `#r "nuget: DocumentFormat.OpenXml, 3.2.0"`

Recommendation

Use this path only for requested document work, review generated scripts for sensitive documents, and keep input/output paths explicit.

ASI02: Tool Misuse and Exploitation
Low
What this means

A wrong input file, output file, or replacement instruction could alter document content unexpectedly.

Why it was flagged

The documented tools can materially change DOCX content and structure, which is expected for an editing skill but should remain user-directed.

Skill content

Available CLI edit subcommands: `replace-text --find "X" --replace "Y"`, `fill-placeholders`, `fill-table`, `insert-section`, `remove-section`, `update-header-footer`

Recommendation

Work on copies or separate output files, preview/analyze before editing, and use the documented diff/validation steps after changes.