Google Slides
ReviewAudited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent Google Slides integration, but it uses Maton-managed OAuth/API access and can modify Slides content, so users should approve write actions carefully.
Install only if you trust Maton and want this agent to work with Google Slides. Keep MATON_API_KEY secret, verify the OAuth account and scopes during connection, use the Maton-Connection header when multiple accounts exist, and require clear confirmation before any create, update, or delete action.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user approves the wrong operation, the agent could create or alter Google Slides content in the connected account.
The skill exposes modification APIs for Google Slides, but the artifacts also direct the agent to obtain explicit approval before create, update, or delete calls.
The batchUpdate endpoint is used for most modifications... All write operations require explicit user approval.
Review the target presentation, slide IDs, and intended change before approving any write operation.
The connected Maton/Google authorization can allow the skill to act on Google Slides resources for that account.
The skill requires a Maton API key and delegates access to a Google Slides account through OAuth, which is expected but sensitive account authority.
All requests require the Maton API key in the Authorization header... Open the returned `url` in a browser to complete OAuth authorization.
Use the intended Google account only, protect MATON_API_KEY like a credential, and revoke/delete connections that are no longer needed.
Slide titles, content, and account-scoped API actions may be visible to or processed by the Maton service as part of the integration.
Google Slides requests and potentially presentation content pass through the Maton API gateway before reaching Google, so users need to trust that intermediary.
Maton proxies requests to `slides.googleapis.com` and automatically injects your OAuth token.
Confirm that Maton is the intended service provider and that its privacy/security posture is acceptable for the slide content being handled.
Users have less registry-provided context for verifying the publisher before granting account access.
The registry metadata provides limited provenance details even though the skill requires trusting a third-party API/OAuth service.
Source: unknown; Homepage: none
Verify the publisher and Maton domain independently before creating OAuth connections or storing the API key.