It can be run in a VM with non-persistent root filesystem.

Did you ask out of serious technical concern? Or just because the main contributor seems to be a famous security researcher?

Both, but more the second one. How many people, even of those few who care enough to get this set up, would think to open some arbitrary WordPerfect document from an untrusted source, or even from anyone at all? Who would they be collaborating with who also uses WordPerfect?

I don't think this is the kind of tool used by people who collaborate and or share the working documents in a business setting anyway.

I think it mostly exist for the challenge of making it run reliably, work locally and to publish documents in pdf or printed form. If you are only using it for your own document, don't include images randomly downloaded from the internet, there is not much risk.