Skill v1.0.0

ClawScan security

Ppt Task Orchestrator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 25, 2026, 8:47 AM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code broadly matches its stated purpose (parsing PPTX, building PSD/PNG tasks, delivering zip), but it has mismatches and undeclared runtime requirements (external library and binary usage) and executes local filesystem operations and child processes that deserve scrutiny before use.
Guidance
This skill performs local PPTX parsing, may call external tools, and writes/copies files — so:
- Do not run it on sensitive systems or with sensitive PPTX files until you review and install its dependencies.
- Confirm the environment has the expected Node modules (jszip) and the main-image-editor/psd-automator code the skill imports; their absence will cause runtime errors.
- Inspect the remainder of lib/ppt-parser.js (the truncated portion) to see exactly which child_process commands are run (OCR, unzip, etc.). If it invokes external binaries, ensure those binaries are trusted and declared.
- Test with a non-sensitive PPTX in a temporary directory and run a dry-run first to observe what files are read and written.
- If you require stronger guarantees, ask the author to: (1) declare dependencies and required binaries, (2) provide an install spec or packaging, and (3) document exactly which external commands are executed and how untrusted PPT content is sanitized.

Review Dimensions

Purpose & Capability
note: The description promises PPTX→page task orchestration reusing main-image-editor and psd-automator; the code does import and call a main-image-editor task orchestrator, which is coherent with the description. However, the skill does not declare that it depends on the main-image-editor library, nor on npm packages (e.g. jszip) or any external CLI tools — these undeclared dependencies are an inconsistency.
Instruction Scope
concern: The SKILL.md and scripts instruct the agent to read arbitrary local PPTX files (absolute or ~ paths), read an index (~/.openclaw/psd-index.json), and write delivery directories and zip files. The parser code also imports child_process.spawnSync (truncated usage visible), implying it may invoke external binaries for OCR/extraction without listing required binaries; this, plus the fact that parsed slide text can contain file paths, means untrusted PPT content could influence filesystem paths or commands if not carefully sanitized. There are no network-sending steps in the visible code, but local file I/O and external command execution are present and should be reviewed.
Install Mechanism
concern: The skill has no install spec even though it includes Node source files that import third-party modules (JSZip) and rely on another library (main-image-editor). Without an install step, required npm packages and the main-image-editor module may not be available at runtime — this is an operational and security inconsistency (missing dependency declaration).
Credentials
ok: The skill requests no environment variables or credentials (none declared). It operates on local file paths provided by the user/request JSON. The lack of credential requests is proportionate to the declared purpose.
Persistence & Privilege
ok: The skill is not always-enabled and does not request system-wide privileges. It writes delivery output and backups as part of its stated function; there is no evidence it modifies other skills' configs or requests persistent elevated privileges.