中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:8 hr ago Rescan
5 /100
docx
Comprehensive document creation, editing, and analysis with support for tracked changes, comments, formatting preservation, and text extraction
docx技能是一个标准的Word文档处理库,用于创建、编辑和管理.docx文件中的批注与跟踪修订。代码行为与声明完全一致,使用安全XML解析库和合法的文档验证工具(LibreOffice、git),无恶意行为或阴影功能。
Skill Namedocx
Duration83.1s
Enginepi
Safe to install
该技能可安全使用。所有外部工具调用(soffice、git)均已在SKILL.md中声明,用于文档格式验证和差异比较,属于文档处理的合理需求。
ResourceDeclaredInferredStatusEvidence
Filesystem WRITE WRITE ✓ Aligned 解压/打包docx ZIP、处理XML文件
Shell WRITE WRITE ✓ Aligned subprocess调用soffice、git用于文档验证
Network READ NONE ✓ Aligned 仅引用XML命名空间URL,无实际网络请求
Environment NONE NONE 无环境变量访问
Skill Invoke NONE NONE 无技能调用
58 findings
🔗
Medium External URL 外部 URL
https://www.anthropic.com/legal/consumer-terms
LICENSE.txt:8
🔗
Medium External URL 外部 URL
https://www.anthropic.com/legal/commercial-terms
LICENSE.txt:9
🔗
Medium External URL 外部 URL
https://www.google.com
docx-js.md:240
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/markup-compatibility/2006
ooxml/scripts/validation/base.py:70
🔗
Medium External URL 外部 URL
http://www.w3.org/XML/1998/namespace
ooxml/scripts/validation/base.py:71
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/package/2006/relationships
ooxml/scripts/validation/base.py:75
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/officeDocument/2006/relationships
ooxml/scripts/validation/base.py:78
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/package/2006/content-types
ooxml/scripts/validation/base.py:81
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/officeDocument/2006/math
ooxml/scripts/validation/base.py:89
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/schemaLibrary/2006/main
ooxml/scripts/validation/base.py:91
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/drawingml/2006/main
ooxml/scripts/validation/base.py:92
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/drawingml/2006/chart
ooxml/scripts/validation/base.py:93
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/drawingml/2006/chartDrawing
ooxml/scripts/validation/base.py:94
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/drawingml/2006/diagram
ooxml/scripts/validation/base.py:95
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/drawingml/2006/picture
ooxml/scripts/validation/base.py:96
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/drawingml/2006/spreadsheetDrawing
ooxml/scripts/validation/base.py:97
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawing
ooxml/scripts/validation/base.py:98
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/wordprocessingml/2006/main
ooxml/scripts/validation/base.py:99
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/presentationml/2006/main
ooxml/scripts/validation/base.py:100
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/spreadsheetml/2006/main
ooxml/scripts/validation/base.py:101
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/officeDocument/2006/sharedTypes
ooxml/scripts/validation/base.py:102
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/officeDocument/2006/relationships/numbering
ooxml.md:166
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/officeDocument/2006/relationships/image
ooxml.md:167
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink
ooxml.md:231
🔗
Medium External URL 外部 URL
https://www.example.com/
ooxml.md:232
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2023/wordml/word16du
scripts/document.py:95
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2018/wordml/cex
scripts/document.py:104
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2010/wordml
scripts/document.py:113
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/2011/relationships/people
scripts/document.py:985
🔗
Medium External URL 外部 URL
http://schemas.openxmlformats.org/officeDocument/2006/relationships/comments
scripts/document.py:1219
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/2011/relationships/commentsExtended
scripts/document.py:1224
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/2016/09/relationships/commentsIds
scripts/document.py:1229
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/2018/08/relationships/commentsExtensible
scripts/document.py:1234
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2010/wordprocessingCanvas
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2014/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2015/9/8/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2015/10/21/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2016/5/9/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2016/5/10/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2016/5/11/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2016/5/12/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2016/5/13/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2016/5/14/chartex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2016/ink
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/drawing/2017/model3d
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/2019/extlst
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2010/wordprocessingDrawing
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2012/wordml
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2016/wordml/cid
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2018/wordml
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2020/wordml/sdtdatahash
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2024/wordml/sdtformatlock
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2015/wordml/symex
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2010/wordprocessingGroup
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2010/wordprocessingInk
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2006/wordml
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/word/2010/wordprocessingShape
scripts/templates/comments.xml:2
🔗
Medium External URL 外部 URL
http://schemas.microsoft.com/office/comments/2020/reactions
scripts/templates/commentsExtensible.xml:2

File Tree

20 files · 204.1 KB · 4936 lines
Python 11f · 3742L Markdown 3f · 1154L Text 1f · 30L XML 5f · 10L
├─ 📁 ooxml
│ └─ 📁 scripts
│ ├─ 📁 validation
│ │ ├─ 🐍 __init__.py Python 15L · 336 B
│ │ ├─ 🐍 base.py Python 951L · 39.0 KB
│ │ ├─ 🐍 docx.py Python 274L · 9.8 KB
│ │ ├─ 🐍 pptx.py Python 315L · 12.0 KB
│ │ └─ 🐍 redlining.py Python 279L · 10.9 KB
│ ├─ 🐍 pack.py Python 159L · 5.5 KB
│ ├─ 🐍 unpack.py Python 29L · 1.0 KB
│ └─ 🐍 validate.py Python 69L · 1.9 KB
├─ 📁 scripts
│ ├─ 📁 templates
│ │ ├─ 📄 comments.xml XML 2L · 2.6 KB
│ │ ├─ 📄 commentsExtended.xml XML 2L · 2.6 KB
│ │ ├─ 📄 commentsExtensible.xml XML 2L · 2.7 KB
│ │ ├─ 📄 commentsIds.xml XML 2L · 2.6 KB
│ │ └─ 📄 people.xml XML 2L · 147 B
│ ├─ 🐍 __init__.py Python 1L · 65 B
│ ├─ 🐍 document.py Python 1276L · 49.2 KB
│ └─ 🐍 utilities.py Python 374L · 13.4 KB
├─ 📝 docx-js.md Markdown 349L · 16.1 KB
├─ 📄 LICENSE.txt Text 30L · 1.4 KB
├─ 📝 ooxml.md Markdown 609L · 23.0 KB
└─ 📝 SKILL.md Markdown 196L · 9.9 KB

Dependencies 2 items

PackageVersionSourceKnown VulnsNotes
defusedxml * pip No 安全XML解析,防XXE
lxml * pip No XML处理库,无版本锁定

Security Positives

✓ 使用defusedxml安全XML解析库,防止XXE攻击
✓ 代码结构清晰,文档与实现完全一致
✓ 包含完整的文档验证逻辑(XSD schema + OOXML规范)
✓ 临时文件操作在temp目录中进行,不污染原始文件
✓ subprocess调用有超时保护(10秒)和错误处理
✓ 所有外部工具依赖(soffice、git、pandoc)在文档中声明
✓ XML注释处理规范化,使用defusedxml.minidom避免恶意实体