Docx
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches Word-document editing, but it warrants review because some LibreOffice helpers compile or run code from predictable temporary locations.
Install only if you need local Word document automation and are comfortable running local Office tooling. Prefer an isolated workspace, pin npm dependencies, run on copies of documents, and harden or avoid the LibreOffice shim/macro paths before using conversion or accept-changes features.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
In affected environments, LibreOffice may run native code from a shared temporary path, which could be unsafe if that file was pre-created or altered locally.
When AF_UNIX sockets are blocked, the helper compiles a native shared library and preloads it into LibreOffice. If a file already exists at the predictable temp path, it is reused without verifying origin or contents.
_SHIM_SO = Path(tempfile.gettempdir()) / "lo_socket_shim.so" ... if _SHIM_SO.exists(): return _SHIM_SO ... env["LD_PRELOAD"] = str(shim) ... subprocess.run(["gcc", "-shared", "-fPIC", "-o", str(_SHIM_SO), str(src), "-ldl"], check=True, ...)
Use a per-run private directory with restrictive permissions, verify or overwrite the shim contents, avoid LD_PRELOAD where possible, and disclose the gcc/LD_PRELOAD requirement in metadata.
A preexisting or modified macro in that temp profile could be executed when the user runs the accept-changes helper.
The accept-changes flow stores and executes a LibreOffice Basic macro from a predictable temp profile, and it trusts an existing macro file if it merely contains the expected function name.
LIBREOFFICE_PROFILE = "/tmp/libreoffice_docx_profile" ... if macro_file.exists() and "AcceptAllTrackedChanges" in macro_file.read_text(): return True ... "vnd.sun.star.script:Standard.Module1.AcceptAllTrackedChanges?language=Basic&location=application"
Create the LibreOffice profile in a private temporary directory, always write the exact expected macro before execution, verify file ownership/permissions, and clean up after use.
The installed package version may change over time and a global install can affect the user's broader environment.
The skill directs installation of a global npm package without a pinned version. This is relevant to the stated document-generation purpose, but it is a reproducibility and supply-chain consideration.
Generate .docx files with JavaScript, then validate. Install: `npm install -g docx`
Pin the package version and prefer a project-local dependency or lockfile-backed setup.
The output document may permanently incorporate edits and remove the ability to review individual tracked changes in that copy.
Accepting all tracked changes is a high-impact document mutation. The workflow is disclosed and purpose-aligned, with an explicit output file, but users should notice the effect.
To produce a clean document with all tracked changes accepted ... `python scripts/accept_changes.py input.docx output.docx`
Run this only when requested, use a separate output file, and review the resulting document before sharing it.
