Skip to content

SecurityRonin/docx-mcp

v0.7.3 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

Published 9d MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai-tools comments document-editing docx footnotes mcp
+5 more
mcp-server model-context-protocol ooxml track-changes word

Summary

AI summary

Documentation updates mark scrub_pii as experimental across all surfaces.

Full changelog

What's new

Documentation & safety

scrub_pii is now clearly marked experimental — not for production use across all surfaces:

  • server.py: docstring opens with [EXPERIMENTAL] warning, lists all four known NER gap categories, corrects model name to en_core_web_lg / ~560MB
  • README.md: new PII Scrubbing (Experimental) section with a prominent warning callout, reliable vs. unreliable detection split, all four known gaps, and a dry_run=True-first recommended workflow
  • SKILL.md: PII Scrubbing table added to Quick Reference with ⚠️ Experimental heading and WARNING block — agents reading the skill at runtime will see the caveat before calling the tool

Known NER gaps documented in all three locations:

  • Names in ALL-CAPS (ledger headers, table cells) — frequently missed
  • Single-token names with no surrounding context — unreliable
  • Non-English names (Arabic, CJK, African) — low recall on the English model
  • Names in legal boilerplate (Lender: Jane Doe, Authorized Signatory: John Smith) — often skipped

Pattern-based detectors (email, phone, SSN, credit card, IBAN, IP address) remain reliable and are unaffected.

No code changes

This is a documentation-only patch on top of v0.7.2. No API or behaviour changes.

uvx docx-mcp-server  # always pulls latest

Full Changelog: https://github.com/SecurityRonin/docx-mcp/compare/v0.7.2...v0.7.3

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track SecurityRonin/docx-mcp

Get notified when new releases ship.

Sign up free

About SecurityRonin/docx-mcp

Read and edit Word (.docx) documents with track changes, comments, footnotes, and structural validation. The only MCP server combining w:ins/w:del tracked changes, threaded comments, and footnotes with OOXML-level paraId validation and document auditing. 18 tools, Python 3.10+.

All releases →

Related context

Earlier breaking changes

  • v0.6.1 Empty `document_handle` resolves to `__default__` slot, maintaining backward compatibility.

Beta — feedback welcome: [email protected]