SketchUp-PPT生成
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
It can write a local PPTX file wherever you tell it to save the output.
The script writes the generated presentation to a command-line path supplied by the user. This is the intended function, but it means the chosen output file can be created or overwritten.
output_pptx = sys.argv[2] ... prs.save(output_pptx)
Use an intentional output filename and keep backups of important presentations before running the script.
The skill may fail until the dependency is installed, and installing packages from untrusted sources can introduce supply-chain risk.
The script depends on the external python-pptx package, while the provided install information declares no install spec or required packages. This is a setup/provenance gap, not observed malicious behavior.
from pptx import Presentation
Install python-pptx only from a trusted package source and consider pinning or reviewing the package version in your environment.