SketchUp-PPT生成
PassAudited by ClawScan on May 10, 2026.
Overview
The skill appears benign: it locally creates a 15-page PPT framework from a user-chosen SketchUp file, with minor setup and file-overwrite caveats.
This looks safe for local PPT framework generation. Before using it, verify the python-pptx dependency, run it only on SketchUp files you choose, and save to a new or backed-up PPTX path. Also note that the script mainly builds the slide framework and does not appear to parse the SketchUp model or generate screenshots automatically.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
It can write a local PPTX file wherever you tell it to save the output.
The script writes the generated presentation to a command-line path supplied by the user. This is the intended function, but it means the chosen output file can be created or overwritten.
output_pptx = sys.argv[2] ... prs.save(output_pptx)
Use an intentional output filename and keep backups of important presentations before running the script.
The skill may fail until the dependency is installed, and installing packages from untrusted sources can introduce supply-chain risk.
The script depends on the external python-pptx package, while the provided install information declares no install spec or required packages. This is a setup/provenance gap, not observed malicious behavior.
from pptx import Presentation
Install python-pptx only from a trusted package source and consider pinning or reviewing the package version in your environment.