ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PPT制作

v1.0.0

使用python-pptx制作科技风PPT,支持多布局、多图文混排及HTML内容嵌入,轻松生成专业演示文稿。

3· 4.1k·35 current·39 all-time
by@dragon015
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (create PPTs with python-pptx and Pillow) align with the included code and SKILL.md. The dependencies mentioned (python-pptx, pillow) are exactly what's needed to generate .pptx files and manipulate images.
Instruction Scope
SKILL.md instructs installing python-pptx and pillow and running the provided script or using its API. It does not instruct reading unrelated files or exfiltrating data. The README mentions HTML embedding "through screenshots or links" — the file portion visible doesn't show network fetch or headless-browser usage; confirm the truncated remainder doesn't perform unexpected network or filesystem operations if you plan to run it.
Install Mechanism
No install spec in the registry; runtime instructions recommend pip installing standard Python packages from PyPI. This is a low-risk, expected install method for a Python utility.
Credentials
The skill declares no required environment variables, no credentials, and the code visible doesn't reference secrets or config paths. Nothing requested appears disproportionate to generating PPT files.
Persistence & Privilege
always is false and there is no behavior that attempts to modify other skills or persist configuration. The skill runs only when invoked.
Assessment
This skill appears coherent for creating PPTX files with python-pptx and Pillow and doesn't request credentials or unusual installs. Before running: - Inspect the full ppt_maker.py (the provided source was truncated in the review) for any network calls (requests, urllib, sockets), subprocess execution, or code that reads arbitrary files/credentials. - Run pip installs in a virtualenv to avoid polluting your system Python. - If you will provide HTML links for embedding, verify how the code handles them (does it fetch remote resources or expect local screenshots?). - If you have low tolerance for risk, run the script in a sandboxed/non-privileged environment on sample inputs first. If you want, provide the remainder of ppt_maker.py and I can re-check the complete file for network, file system, or other unexpected operations.

Like a lobster shell, security has layers — review code before you run it.

latestvk971mzfp20zgycjc1z3pcjp0hs8235mw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments