docx

Warn

Audited by Socket on Mar 1, 2026

1 alert found:

Security: MEDIUM
SKILL.md

This skill is an authoring/editing workflow guide for .docx files. I found no indicators of deliberate malicious behavior, credential harvesting, or external data exfiltration. The main risks are operational: (1) the repeated mandatory full-file read directives (docx-js.md and ooxml.md) which could lead to processing large or crafted files without limits, and (2) the need to run user-authored Python/JS scripts and install system-wide packages (apt, npm, pip) — both require the user to trust and sandbox those actions. No suspicious network endpoints, obfuscated code, or hardcoded secrets are present. Recommend treating the unpack/modify/pack steps and any installed tooling as potentially risky and performing them in a restricted sandbox on untrusted documents.

Confidence: 80%
Severity: 75%
Audit Metadata
Analyzed At: Mar 1, 2026, 07:45 PM
Package URL: pkg:socket/skills-sh/cam10001110101%2Fclaude-skills-base%2Fdocx%2F@6ddae7d6302c8e1bc33dd4475e047c8e10d092b7