Review

Audited by ClawScan on May 14, 2026.

Overview

The skill mostly matches Google Slides editing, but it exposes a broad authenticated run escape hatch and relies on an unreviewed npm/MCP setup.

Install only if you trust the `gogcli-mcp-slides` package and the Google account it will use. Prefer a dedicated or least-privileged Google account, pin or verify the npm package, and require confirmation before delete/replace/export actions or any `gog_slides_run` use.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent could use a broad command path instead of safer named Slides tools, increasing the chance of unintended account or presentation changes.

Why it was flagged

A documented run escape hatch for 'anything not covered' is not clearly bounded to the named Slides tools, and it would operate in the context of an authenticated Google account.

Skill content

Plus 5 auth tools and `gog_slides_run` for anything not covered.

Recommendation

Use named Slides tools where possible, require explicit confirmation before any `gog_slides_run` use, and restrict the Google account or scopes used by the tool.

What this means

The agent may be able to read or modify presentations accessible to the configured Google account.

Why it was flagged

The skill depends on an already-authenticated Google/gogcli session. That is expected for managing Google Slides, but it grants the skill actions under the selected account.

Skill content

- [gogcli](https://github.com/steipete/gogcli) installed and authenticated

Recommendation

Use a dedicated or least-privileged Google account when possible, and verify what account is set in `GOG_ACCOUNT` before use.

What this means

The behavior users get depends on the npm package resolved at setup/runtime, not code reviewed in this artifact bundle.

Why it was flagged

The setup runs an external npm package without a pinned version, while the provided artifact set contains no code files for that package.

Skill content

"command": "npx", "args": ["-y", "gogcli-mcp-slides"]

Recommendation

Verify the npm package provenance, consider pinning a trusted version, and review the package source before configuring the MCP server.